Skip to main content

Authorization

Follow this guide to create a new Zip credential that will allow Nexla to authenticate to and exchange data with your Zip merchant account.
zip_api_auth.png

Zip

Prerequisites

Zip uses API key authentication for its merchant API. Your API key is a secure credential that identifies and authorizes your merchant account for all API requests. Before creating a Zip credential in Nexla, ensure you have access to your Zip Merchant Dashboard and have obtained your API key.

Obtain Your Zip API Key

Zip API keys are tied to your merchant account and environment (sandbox or production). You will need separate keys for sandbox testing and production use.

  1. Log in to your Zip Merchant Dashboard as an admin user. API keys are only accessible to admin-level accounts for security reasons.

  2. Navigate to Settings > Integrations in the left-hand menu.

  3. Locate the API Keys section. You may see two sets of keys — one for Sandbox (testing) and one for Production (live transactions).

  4. Copy the API key for the environment you intend to use.

    Keep your API key confidential. Do not place it in publicly accessible locations such as open-source repositories or client-side code. For additional details, see the Zip Authentication documentation.

Determine Your Base URL

Zip provides separate base URLs for different environments and regions. Select the correct URL for your deployment:

  • Production: https://merchant-api.zip.co
  • Sandbox (Testing): https://sand.merchant-api.com

Use the sandbox URL when testing your integration to avoid processing real transactions.

Create a Zip Credential

  • To create a new Zip credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.

Credential Name & Description

  1. Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.

    Resource descriptions are recommended but are not required. They should be used to provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.

API Key Authentication

Zip authenticates API requests using a Bearer token scheme. Nexla sends your API key as a Bearer token in the Authorization header of every request.

  1. Enter your Zip Merchant API key in the API Key field. This is the key obtained from your Zip Merchant Dashboard under Settings > Integrations.

    The API key is transmitted securely and stored encrypted in Nexla. Nexla automatically formats it as Bearer {your_api_key} in the Authorization header for all Zip API requests.

  2. Select or enter the Base URL for your Zip environment:

    • Select Production (https://merchant-api.zip.co) for live merchant transactions.
    • Select Sandbox (https://sand.merchant-api.com) for testing and development.

    You may also enter a custom base URL if your Zip account uses a different regional endpoint.

Save the Credential

  1. Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.

  2. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.