Authentication

All API requests require authentication via two HTTP headers:

Header	Description
`X-PUBLIC-KEY`	Your public API key
`X-SECRET-KEY`	Your secret API key

Both keys must belong to the same account and same environment (live or test).

Finding Your Keys

To find your API Keys, within your Recurrente account, go to:

Settings → API Keys.

Log in to the Recurrente Dashboard
Go to Settings → API Keys
Copy your public and secret keys

Live vs Test Mode

Your account has two sets of keys:

Test keys — Use these during development. No real money is moved.
Live keys — Use these in production. Real transactions are processed.

The API endpoint is the same for both modes. The key pair determines which environment you’re operating in.

Example Request

$ curl https://app.recurrente.com/api/test \
>   -H "X-PUBLIC-KEY: pk_live_abc123..." \
>   -H "X-SECRET-KEY: sk_live_xyz789..."

Authentication Error

If your API keys are not being sent or are invalid, you will receive an HTTP 401 Unauthorized response code:

1 {
2   "message": "Autenticación Errónea 👀"
3 }

The checkout creation endpoint (POST /api/checkouts) only requires the X-PUBLIC-KEY header — no secret key needed. This allows you to create checkouts from client-side code.

Environments

Environment	Base URL
Live	`https://app.recurrente.com/api`
Test	`https://app.recurrente.com/api` (use test-mode keys)