LoyaltyLion offers two types of authentication - token and secret, and OAuth.

Token and secret

If you’re an individual merchant, you should use your site token and secret to authenticate requests to the LoyaltyLion API. Credentials act as a username and password for your API requests and are used by LoyaltyLion to recognise which program the requests come to. Token and secret should be kept secure and be shared only with your team in a trusted environment.

You can find your token and secret in your Dashboard.

For more information about token and secret authentication, please visit our documentation.


OAuth authentication is meant only for LoyaltyLion partners building apps to be used across many stores. If you’re building an integration for a single store, authenticate with a token and secret.

To learn more about authenticating with OAuth, how to register your app with LoyaltyLion, and acquire your client id and secret, please visit our OAuth documentation.