Skip to main content

API Keys

All API requests require authentication using an API key passed in the x-api-key header.

Getting Your API Key

  1. Visit developers.webacy.co to sign up
  2. Generate your API key
  3. Copy and securely store your key
Keep your API key secure. Do not expose it in client-side code or public repositories.

Using Your API Key

Include your API key in the x-api-key header with every request:

Example Requests

Authentication Errors

Example Error Response

Best Practices

Store your API key in environment variables, not in your code.
  • Rotate keys periodically - Generate new keys and deprecate old ones on a regular schedule
  • Use separate keys - Maintain different keys for development, staging, and production
  • Monitor usage - Check the API Usage endpoint regularly
  • Revoke compromised keys - If a key is exposed, revoke it immediately in your dashboard
  • Server-side only - Never expose your API key in client-side code or mobile apps