API Authentication

Authentication requires passing your Authentication Bearer token for the desired environment (sandbox or production) in the header of your API request.

The following is an example request that returns all users with the required authentication headers. Simply replace ${appId} and ${appSecret} with your corresponding API keys, which you can find in the API dashboard.

curl \
--request GET \
--url https://sandbox-api.withabound.com/v2/users \
--header 'Authorization: Bearer <<apiKey>>'
const { default: Abound, Environment } = require("@withabound/node-sdk");

const abound = new Abound({
  appId: "<<sandbox_app_id>>",
  appSecret: "<<sandbox_app_secret>>",
  environment: Environment.SANDBOX,
  apiVersion: "v2",

(async () => {
  const response = await abound.users.list();
import requests

url = "https://sandbox-api.withabound.com/v2/users"

headers = {
    "Accept": "application/json",
    "Authorization": "Bearer <<apiKey>>"

response = requests.request("GET", url, headers=headers)

// import com.squareup.okhttp.*;

OkHttpClient client = new OkHttpClient();

Request request = new Request.Builder()
  .addHeader("Accept", "application/json")
  .addHeader("Authorization", "Bearer <<apiKey>>")

Response response = client.newCall(request).execute();
package main

import (

func main() {

    url := "https://sandbox-api.withabound.com/v2/users"

    req, _ := http.NewRequest("GET", url, nil)

    req.Header.Add("Accept", "application/json")
    req.Header.Add("Authorization", "Bearer <<apiKey>>")

    res, _ := http.DefaultClient.Do(req)

    defer res.Body.Close()
    body, _ := ioutil.ReadAll(res.Body)


// using RestSharp;

var client = new RestClient("https://sandbox-api.withabound.com/v2/users");
var request = new RestRequest(Method.GET);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer <<apiKey>>");
IRestResponse response = client.Execute(request);
require 'uri'
require 'net/http'
require 'openssl'

url = URI("https://sandbox-api.withabound.com/v2/users")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["Accept"] = 'application/json'
request["Authorization"] = 'Bearer <<apiKey>>'

response = http.request(request)
puts response.read_body




A non-sensitive, public identifier that is used to identify your app.


A sensitive, private key used to make secure calls to the Abound API from your backend. Your appSecret should never be shared on the client-side or stored directly in your code.


Stateful sandbox environment; use test credentials and build out and test your integration.


Production API environment; this environment is billed and will initiate real money transfers.

Did this page help you?