Skip to main content

Authentication

Peak Gateway APIs use Bearer token authentication.

Bearer token format

Send your API key in the Authorization header:

Authorization: Bearer <API_KEY>

API key management

Generate separate keys per environment and service
Rotate keys regularly
Revoke compromised keys immediately
Store keys in a secure secret manager

Test vs live modes

Peak Gateway supports separate test and live credentials:

Test mode: safe integration testing and QA
Live mode: real customer charges and settlements

Never mix test and live keys in the same runtime environment.

Bearer token format
API key management
Test vs live modes