Each set of standard secret keys corresponds to a single Evy store. In the event a partner has multiple stores with varying configurations, a multi-store API key can be generated as well to ease authentication.

Sandbox environment keys have the prefix ek_sandbox_ and production environment secret keys have the prefix ek_prod_.

In production, you have have two types of secret keys: an admin secret key, and a read-only secret key.

The admin key should be used to perform server-side requests.
The read-only key should be used to perform client-side requests.

Your secret keys carry many privileges, so be sure to keep them secure! Do not share your secret keys in publicly accessible areas such as GitHub, client-side code, and so forth.

Authentication to the API is performed by adding your api key to the request header under the key apikey.

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.