Skip to main content
Every Pagou API request requires authentication.

Supported methods

  1. Authorization: Bearer <token>
  2. apiKey: <token> header
  3. Basic Auth with username token and password x
Use one method across all services. Bearer token is the recommended default for new integrations. 
GET /v2/transactions HTTP/1.1
Host: api.pagou.ai
Authorization: Bearer YOUR_TOKEN

Example response

{
  "success": true,
  "requestId": "req_1000",
  "data": {
    "data": [],
    "total": 0,
    "next_cursor": null,
    "prev_cursor": null
  }
}

Compatibility examples

GET /v2/transactions HTTP/1.1
Host: api.pagou.ai
apiKey: YOUR_TOKEN

GET /v2/transactions HTTP/1.1
Host: api.pagou.ai
Authorization: Basic dG9rZW46eA==

Common error

Status 401 
{
  "type": "https://api.pagou.ai/problems/unauthorized",
  "title": "Unauthorized",
  "status": 401,
  "detail": "Authentication credentials were not provided or are invalid."
}
Fix: confirm the token belongs to the selected environment and that you are not mixing auth schemes across services.

Operational rules

  • Rotate credentials in your secret manager, not in source code.
  • Never log tokens.
  • Keep browser code on public keys only. Secret API tokens stay on the backend.

Next steps