> ## Documentation Index
> Fetch the complete documentation index at: https://docs.equalsmoney.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Introduction

> Learn about request and response formatting, base URLs, and authentication.

The Equals API is RESTful, authenticates using API keys, uses form-encoded request bodies, and returns JSON-encoded responses. It uses standard HTTP response codes, authentication, and verbs. We provide a testing environment called sandbox, so you can safely try out the API without affecting any of your live data.

<Note>
  **API spec version 5.118.3**, published 22 June 2026.
</Note>

## What's REST?

The Equals API conforms to the [REST](https://en.wikipedia.org/wiki/REST) (Representational State Transfer) design principles. When a client requests a resource, our server transfers back the current state of this resource in a standardised representation using HTTP (Hypertext Transfer Protocol). This means that all requests and responses follow the same overall formatting.

## Base URLs

Every request uses one of the two following URLs, depending on whether you're working in your live environment (production) or your test environment (sandbox).

<CodeGroup>
  ```bash Production theme={null}
  https://api.equalsmoney.com
  ```

  ```bash Sandbox theme={null}
  https://api-sandbox.equalsmoney.com
  ```
</CodeGroup>

## Authentication

The Equals API uses API keys to authenticate requests. These are provided during the onboarding process (one per environment).

To authenticate, you need to include an `Authorization` header in all of your requests. In this header, you must state that you're using an API key (similar to [HTTP basic access authentication](https://en.wikipedia.org/wiki/Basic_access_authentication)).

For example, if your API key is `1070598f-6540-4c8a-b08f-f7c33dcc726a`:

```curl theme={null}
curl 'https://api.equalsmoney.com/v2/webhooks' \
  -H 'Authorization: ApiKey 1070598f-6540-4c8a-b08f-f7c33dcc726a'
```

If the API key isn't valid, you'll receive a `403` response. If you don't provide an `Authorization` header at all, you'll receive a `401`.

<Info>
  For more detailed information about using the API, such as whitelisting or webhook retries, see the [quickstart guide](/pages/get-started/about-the-api).
</Info>