Security

Security

RU4GOOD API is organized around REST and SOAP. Our API is designed to have predictable URLs and to use HTTP response codes to indicate API errors. We use built-in HTTP features, like HTTP authentication and HTTP verbs, which can be understood by off-the-shelf HTTP clients. JSON will be returned in all responses from API, including errors.


Authentication

You authenticate to RU4GOOD API by providing your secret API key in the request. Authentication to the API occurs via HTTP Basis Auth. Provide your API key as the basic auth username. You do not need to provide a password.

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. You must authenticate for all requests.


Methods

Our API includes call to request a list of charities with their name and logo based on the zip code provided. This information is used when building the payment page.

API method to confirm customer donations to a specific charity with the amount is used to update the RU4GOOD system. The information received by this method is used for reconciliation with payment transfers.