Authentication - Natural Docs

The Natural API uses Bearer authentication per RFC 6750. Include your API key in the Authorization header of every request:

curl https://api.natural.co/payments \
  -H "Authorization: Bearer sk_ntl_prod_abc123..."

The same API key authenticates the SDKs, the CLI, and REST calls. For AI hosts operating Natural through the MCP connector, use browser OAuth by default. API keys remain available there only for CI, non-interactive, or non-OAuth fallback paths.

API keys

API keys follow the format sk_ntl_{environment}_{secret}:

Prefix	Environment
`sk_ntl_prod_`	Production

The production base URL is https://api.natural.co.

Creating API keys

Create API keys from the Natural Dashboard after completing verification. The key secret is shown once — store it immediately. Each key can be scoped to a subset of permissions. Scope a key down to exactly what the integration needs — for example, a read-only key, or one limited to payments:

{
  "data": {
    "attributes": {
      "name": "Carrier Payment Agent",
      "scopes": ["agents.read", "payments.create", "payments.read"]
    }
  }
}

Security

Store API keys in a dedicated secret management system. Never commit them to source control.
Rotate keys periodically. You can have multiple active keys to enable zero-downtime rotation.
Revoke compromised keys immediately via the dashboard or DELETE /api-keys/{keyId}.
All requests require HTTPS.

MCP — Connect Claude, Cursor, and other AI hosts to Natural
API Reference — Create, list, and revoke keys
Error Handling — Authentication error codes

About the Natural API IDs

⌘I

​API keys

​Creating API keys

​Security

​Related

API keys

Creating API keys

Security

Related