Upodi use a token API key to allow access to the API. You will need to create this API key in Upodi. To retrieve an API key, follow these steps:

  1. Sign in with an administrative account.
  2. Go to Setup > Developer > API Keys.
  3. Generate a new API token. API keys are generated under two scopes - READ or WRITE or both.
  4. Keep the API token safe and use it only on non-customer facing code (not in Javascript or HTML).


Be careful

As you setup an API key, be sure to select either read or write access permissions. Setting Upodi.js privileges will not enable the REST API to work. See the upodi.js section below.

Once created, add the key token encoded with Base64 as an authorization header, of the HTTP request to the API. The scheme is bearer.

Authorization: Bearer {base64 encoding of the API key}

The API header must be a base64, iso-8859-1 encoding of your API token. Keep your keys secure and do not expose them. Use to test.



All API requests must be made over HTTPS (TLS/SSL). Calls made over plain HTTP will be rejected by our security protocol and fail. Most requests require authentication.

Our API and webhooks strictly enforce TLS 1.2 from SSL/TLS. You will have to configure your integration with support of TLS 1.2