Skip to main content
The PIK Open API uses API key authentication. Every request you make to the API must include your API key in the Authorization header. There are no session cookies or OAuth flows — just a static key you generate once from the Dashboard.

Generate an API key

1

Log in to the Dashboard

Go to the PIK Dashboard and log in with your account credentials.
2

Open Account Settings

Click your account name or avatar in the top-right corner and select Account Settings.
3

Navigate to API Keys

In the Account Settings menu, click API Keys.
4

Create a new key

Click Generate API Key. Give the key a descriptive name (e.g., “Production server”, “Test environment”). Click Create.
5

Copy and store the key

The API key is shown once. Copy it immediately and store it in a secure location such as an environment variable or secrets manager. PIK does not show the key again after you leave this page.
Never embed your API key directly in client-side code or commit it to a public repository. Treat it like a password.

Pass the API key in requests

Include your API key as a Bearer token in the Authorization header of every request: 
curl -X GET https://api.pik.global/v1/payment-links \
  -H "Authorization: Bearer YOUR_API_KEY"
All requests must also be made over HTTPS. HTTP requests are rejected.

Code examples

curl -X POST https://api.pik.global/v1/payment-links \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "amount": "100.00",
    "currency": "USDT"
  }'

Authentication errors

HTTP StatusErrorMeaning
401unauthorizedNo API key provided or the key is invalid
403forbiddenThe API key does not have permission for this action
If you receive a 401 error, verify that:
  • The Authorization header is present on the request
  • The header value follows the format Bearer YOUR_API_KEY (with a space, not a colon)
  • The API key has not been deleted or rotated in the Dashboard

Rotate or revoke a key

If your API key is compromised, revoke it immediately from the Dashboard:
  1. Go to Account SettingsAPI Keys
  2. Find the key you want to revoke
  3. Click Revoke
Revoked keys stop working immediately. Generate a new key and update your application.
Use separate API keys for your production and development/test environments. This lets you revoke a test key without affecting production.