Using Your API Key

Using Your API Key

How to place the key in requests and keep it secure.

Essentials

Using Your API Key

Include the API key in the Authorization header with the Bearer prefix.

Where the key goes

Use this format in every request. If the key is missing or invalid, the request fails immediately.

Authorization: Bearer YOUR_API_KEY

Recommended setup

.env
Store the key as a secret value on the server.
Rotation
Replace old keys whenever access is compromised.
Sandbox
Use one key for tests and another for production.
Logging
Never print the full token in logs.

Before you go live

Test firstUse sandbox endpoints to confirm your integration works.
Protect secretsStore the key server-side and rotate it when needed.

Related links