Security Notes
- Store API keys securely on your backend.
- Never expose API keys in client-side code.
- Use HTTPS for all requests.
- Rotate keys periodically via
/business/api-keys/regenerate. - Use your test key for sandbox development and your production key only for live traffic.
- Do not mix test and production credentials inside the same integration flow.