Skip to main content

Before you begin

Before you can start making requests towards Sendcloud APIs, register a Sendcloud account, and obtain your Public and Secret API keys in order to authenticate your requests. When adding an API integration in the Sendcloud panel, take a look at the following settings:
  • Service Points: allows the API integration to be used in servicepoint.sendcloud.sc API.
  • Use OAuth2 authentication: enforces the integration to use OAuth2 authentication instead of basic, otherwise it fails.
    OAuth2 authentication is currently available as a beta feature for a limited number of clients.

Basic Authentication

Sendcloud uses Basic Authentication for authenticating requests for APIs, where your username is your Public Key and your password is your Private Key as provided for your integration.
Do not share your Private API keys in publicly accessible areas such as GitHub, client-side code, etc.

Authenticating your requests

Once you have obtained your Public and Private keys, start authenticating your requests. To do this, include your keys in your requests.
Example request using curl
curl --location 'https://panel.sendcloud.sc/api/v2/parcels' \
--header 'Accept: application/json' \
--header 'Authorization: Basic <base64-encoded-token>'
The Authorization header value is constructed by combining the API keys (base64-encoded) separated by a colon (:). While this example uses curl, you can use any programming language or HTTP client that supports setting HTTP headers to make authenticated requests to the Sendcloud API.

OAuth2 authentication (beta)

OAuth2 authentication is currently available as a beta feature for a limited number of clients. Following this beta phase, we are planning a gradual rollout of the OAuth2 authentication feature to all users. Our aim is to ensure a smooth transition and to continue providing an optimal user experience throughout the process.
OAuth2 provides a token-based authentication mechanism. Obtain an access token by authenticating with the OAuth2 server, then include the obtained token in the Authorization headers of your API requests. To generate an API integration for OAuth2, tick the Use OAuth2 authentication checkbox when creating it in the Sendcloud panel.
Example request using curl
# Generate an OAuth2 access token
curl -X POST --location "https://account.sendcloud.com/oauth2/token" \
  --header "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=client_credentials&scope=api" \
  --basic --user your_sendcloud_public_key:your_sendcloud_private_key
The response for the above request will be similar to the following:
Response body
{
  "access_token": "ory_at_dK...",
  "expires_in": 3599,
  "scope": "api",
  "token_type": "bearer"
}
This request returns an access_token, which you can use in subsequent API requests:
Example request using curl
# Make a request to the Sendcloud API using OAuth2 authentication
curl --location "https://panel.sendcloud.sc/api/v2/user" \
  --header "Authorization: Bearer ${access_token}"