API authentication
The Melio API uses Bearer token authentication. All API requests must include a valid API key in the Authorization header.
Authentication Method
Bearer Token Authentication
- Header:
Authorization: Bearer <your-api-key> - Format: HTTP Bearer authentication scheme
- Required: Yes, for all API endpoints
How to Authenticate
Include your API key in the Authorization header of every request:
curl -X GET "https://partner-api.melio.com/v1/organizations" \
-H "Authorization: Bearer your-api-key-here" \
-H "Content-Type: application/json"
Getting Your API Key
You can view and manage your API keys in the Partner Portal.
Authentication Errors
| Status Code | Error Code | Description |
|---|---|---|
| 403 | MISSING_AUTHORIZATION_HEADER | Authorization header is missing |
| 403 | INVALID_AUTHENTICATION_TOKEN | API key is invalid or expired |
Security Notes
- Keep your API keys secure and never expose them in client-side code
- API keys have expiration dates - monitor and rotate them as needed
- Each API key is tied to a specific partner account