All Glyde API requests must be authenticated using Bearer tokens. This ensures that only authorized applications can access your account and perform transactions.Documentation Index
Fetch the complete documentation index at: https://docs.useglyde.co/llms.txt
Use this file to discover all available pages before exploring further.
API Keys
Glyde provides different types of API keys for different purposes:| Key Type | Prefix | Purpose |
|---|---|---|
| Live Secret Key | sk_ | Production transactions with real money |
| Sandbox Secret Key | sk_ | Testing without processing real transactions |
| Public Key | pk_ | Client-side operations with limited access |
Getting Your Keys
- Log in to your dashboard at app.useglyde.co
- Navigate to Settings → API Configuration
- Copy your keys for the appropriate environment
Making Authenticated Requests
Include your secret key in theAuthorization header of every API request:
Authentication Errors
If authentication fails, you’ll receive a401 Unauthorized response:
- Missing
Authorizationheader - Invalid or expired API key
- Using a sandbox key against the production URL (or vice versa)
- Malformed header (e.g., missing “Bearer” prefix)
Environments
Each environment has its own base URL and requires matching API keys:| Mode | Base URL | Key Prefix |
|---|---|---|
| Sandbox | https://sandbox.useglyde.co/v1 | sk_ |
| Production | https://api.useglyde.co/v1 | sk_ |
Security Best Practices
- Use environment variables — Store keys in environment variables, not in code
- Rotate keys periodically — Regenerate keys if you suspect they’ve been compromised
- Separate environments — Use different keys for development, staging, and production
- Server-side only — Make API calls from your backend, never from browsers or mobile apps
- Monitor usage — Review your API logs in the dashboard for unusual activity