# Authentication

The PayPro API uses API keys to authenticate requests. You can retrieve your API keys in the [PayPro Dashboard](https://app.paypro.nl/developers/api-keys).

Your API keys carry many privileges, so be sure to keep them secure! Do not share your API keys in publicly accessible areas such as GitHub, client-side code, and so forth.

All API requests must be made over [HTTPS](http://en.wikipedia.org/wiki/HTTP_Secure) and with [TLS 1.2+](https://en.wikipedia.org/wiki/Transport_Layer_Security).

## Authenticating an API call

Authentication to the API is performed via the Authorization header. Setting your API key as the bearer token.

Example:


```sh
curl -X get https://api.paypro.nl/payments \
     -H "Authorization: Bearer pp_ffTBYqhJjsxs6CzdyDq6Mwza4UztqGin"
```