Authentication
The Luqra Now API uses Bearer token authentication with organization-level API keys. Luqra account administrator will provide you with your organization's API key.
Every request must include a valid API key in the Authorization header.
API key types
| Type | Prefix | Purpose |
|---|---|---|
| Sandbox | luqra-now.org.test |
Sandbox payments and testing |
| Production | luqra-now.org.live |
Live payment processing |
Making authenticated requests
Include your API key as a Bearer token:
curl https://staging.api.now.luqra.com/v1/contacts/?originatorId=ORIGINATOR_ID \
-H "Authorization: Bearer luqra-now.org.test.YOUR_API_KEY"
Key management
API keys are provisioned by your Luqra account administrator. Contact your admin to obtain or rotate keys.
Note -- The full API key is provided but not stored by Luqra. Store it securely; it cannot be retrieved later.
Error responses
Invalid or missing authentication returns a 401 Unauthorized response:
{
"error": {
"code": "UNAUTHORIZED",
"message": "Invalid API key"
}
}
Possible messages vary by cause:
| Cause | Message |
|---|---|
| No token provided | Missing or invalid Authorization header. Expected: Bearer <api_key> |
| Key not found | Invalid API key |
| Key revoked | API key has been revoked |
| Key expired | API key has expired |