Guides
  1. API reference

Authentication

All requests to Centrobill API endpoints must include an API key in the Authorization HTTP header. Keys are issued per merchant account in the Merchant portal.

curl -X POST https://api.centrobill.com/payment \
  -H "Authorization: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{ ... }'

Contact Centrobill support at [email protected] to request access to the merchant account and receive your API key.

Tokenization endpoint exception

POST /tokenize does not require an API key. Card data is posted directly from the customer's browser to the gateway, exchanged for a short-lived token, before any server-side processing occurs.

Staging vs Production keys

Staging and Production are separate environments with separate base URLs. Your API key is environment-specific. A key issued for Staging will not work against the Production endpoint and vice versa.

EnvironmentBase URL
Productionhttps://api.centrobill.com
Staginghttps://stage.api.centrobill.com

Always verify you are using the correct key for the environment you are targeting. Requests sent to the wrong environment are rejected.

📘

Rotate keys if compromised. If you suspect a key has been exposed, contact [email protected] to request a replacement immediately.