API Authentication

Learn how to authenticate your requests to the API Hub using API keys.

Generating an API Key

  1. 1

    Log in to your API Hub account

  2. 2

    Navigate to your API dashboard

  3. 3

    Select the API you want to use

  4. 4

    Click on "Generate API Key"

  5. 5

    Copy and securely store your API key

Security Warning

Your API key grants access to your account and services. Never share your API keys in publicly accessible areas such as GitHub, client-side code, or in your frontend applications.

Using Your API Key

Once you have your API key, you need to include it in all API requests to authenticate. There are two ways to include your API key:

1. Authorization Header (Recommended)

Authorization: Bearer YOUR_API_KEY

2. Query Parameter

https://api.apihub.example/v1/endpoint?api_key=YOUR_API_KEY

cURL

curl -X GET "https://api.apihub.example/v1/endpoint" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"

JavaScript (Fetch)

fetch('https://api.apihub.example/v1/endpoint', {
  method: 'GET',
  headers: {
    'Authorization': 'Bearer YOUR_API_KEY',
    'Content-Type': 'application/json'
  }
})
  .then(response => response.json())
  .then(data => console.log(data))
  .catch(error => console.error('Error:', error));

Python (Requests)

import requests


headers = {
    'Authorization': 'Bearer YOUR_API_KEY',
    'Content-Type': 'application/json'
}


response = requests.get('https://api.apihub.example/v1/endpoint', headers=headers)
data = response.json()
print(data)

API Key Management

Follow these best practices to securely manage your API keys and maintain the security of your integration:

Regular Key Rotation

Implement a schedule to regularly rotate your API keys.
This practice limits the impact of potential key exposure and follows security best practices.

Environment Separation

Use distinct API keys for different environments (development, staging, production).
This separation helps isolate issues and prevents production data access from development environments.

Permission Management

Configure appropriate permissions for each API key based on its intended use.
Follow the principle of least privilege to minimize potential security risks.

Usage Monitoring

Regularly monitor API key usage patterns to detect any unusual activity.
Set up alerts for unexpected spikes or anomalies in API usage.

Immediate Response

Have a plan in place to immediately revoke and replace any compromised API keys.
Quick response times are crucial in maintaining security.

Need Help With Authentication?

If you're having trouble with authentication, please contact our support team for assistance.