Guides
  1. Products

Authentication & API Credentials

Understand how to authenticate with our API and how to obtain your API credentials.

API keys

All Noggin Sandbox and Production APIs are secured using API keys.

  • API keys are generated by Noggin and shared with you or can be accessed via the Noggin Dashboard after contract completion.
  • Different products or endpoints may require different API keys. Ensure you are using the correct key for the API you are calling.

How to authenticate requests

To authenticate your requests, include your API key in the request header:

x-api-key: YOUR_API_KEY

Requests with missing, invalid, or mismatched API keys will be rejected with an INVALID_API_KEY error.

How to rotate API keys

You can rotate your API keys at any time via the Noggin Dashboard

  • Navigate to the API section to view all keys associated with your account.
  • For security reasons, existing key values cannot be viewed.
  • To rotate a key, click the refresh button/icon and confirm the action.
🚧

Key rotation is destructive. Once a key is rotated, the previous key is immediately invalidated. Ensure all dependent services are updated with the new key to avoid service disruption

Sandbox Limits

To ensure fair usage and system stability, the following limits apply to all Sandbox API keys:

Rate Limiting

  • Each Sandbox API key is limited to 50 API calls (lifetime total)

Transaction Limits (Categorisation Endpoint)

  • Each request to the categorisation endpoint supports a maximum of 1,000 transactions per API call