Docs/Authentication

Authentication

Learn how to authenticate your API requests using API keys.

Bearer Token Authentication

All API requests require authentication using a Bearer token in the Authorization header. Your API key acts as your Bearer token.

API Key Types

Live API Key

Production

Use for production requests. Starts with rv_live_

rv_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Test API Key

Sandbox

Use for development and testing. No credits consumed. Starts with rv_test_

rv_test_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Using Your API Key

Include your API key in the Authorization header with the Bearer prefix:

Header
Authorization: Bearer rv_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Full Example (cURL)
curl https://api.rocketverifier.com/v1/credits \
  -H "Authorization: Bearer rv_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"

Security Best Practices

Use environment variables

Store your API keys in environment variables, not in your source code.

Keep keys secret

Never commit API keys to version control or share them publicly.

Rotate keys regularly

Create new keys periodically and revoke old ones from your dashboard.

Never expose keys client-side

API keys should only be used server-side. Use RocketShield for client-side verification.

Authentication Errors

401

Missing API Key

{
  "error": {
    "code": "unauthorized",
    "message": "API key required",
    "details": null
  }
}
401

Invalid API Key

{
  "error": {
    "code": "unauthorized",
    "message": "Invalid API key",
    "details": null
  }
}

Need an API Key?

Create a free account to get your API key and start verifying emails.