Authentication

All API requests must include your API key in the Authorization header using the Bearer token format.

API Key Format

Authorization: Bearer <your-api-key>

Your API key starts with wk_live_ for production or wk_test_ for test keys.

Creating an API Key

Log in to your dashboard
Navigate to Developer → API Keys
Click Create API Key
Select the scopes you need
Copy and securely store your API key
You'll only see it once!

Keep your API key secure. Never commit it to version control or expose it in client-side code. Store it in environment variables or use secret management services.

Making Authenticated Requests

curl -X GET https://api.walletwerk.eu/api/v1/campaigns \
  -H "Authorization: Bearer wk_live_abc123..."

const response = await fetch('https://api.walletwerk.eu/api/v1/campaigns', {
  headers: {
    'Authorization': 'Bearer wk_live_abc123...'
  }
});

if (!response.ok) {
  throw new Error(`HTTP error! status: ${response.status}`);
}

const data = await response.json();
console.log(data);

import requests

headers = {
    'Authorization': 'Bearer wk_live_abc123...'
}

response = requests.get(
    'https://api.walletwerk.eu/api/v1/campaigns',
    headers=headers
)

response.raise_for_status()  # Raises an error for bad status codes
data = response.json()
print(data)

Invalid API Key Response

If your API key is invalid or missing, you'll receive a 401 Unauthorized response:

{
  "success": false,
  "error": {
    "code": "INVALID_API_KEY",
    "message": "Invalid API key"
  }
}

Base URL

All API requests should be made to:

https://api.walletwerk.eu/api/v1

Test vs Production Keys

Test keys (wk_test_...): Use for development and testing. They work with all endpoints but don't send real emails or create production wallet cards.
Production keys (wk_live_...): Use in production. They create real wallet cards and send actual emails.

You can create multiple API keys with different scopes for different services or environments. This allows you to rotate keys and limit access.