Authentication
APIVerve uses X-API-Key header authentication for secure access to all APIs. Learn how to obtain, manage, and securely use your API key.
API Key Authentication
APIVerve uses a single API key per account for authentication. This key must be included in the X-API-Key header for all API requests. Your API key is tied directly to your account and billing plan.
How API Keys Work
Your API key is a unique identifier that authenticates your account with APIVerve services. Each account has one API key that can be rotated as needed for security purposes.
GET /v1/qrcode HTTP/1.1
Host: api.apiverve.com
X-API-Key: your_api_key_here
Content-Type: application/jsonYour API key is available in your dashboard under the "API Keys" section. You can copy your current key or rotate it to generate a new one. Rotating your key immediately invalidates the old key.
Key Management
Your account has a single API key that provides access to all APIVerve APIs based on your subscription plan. Key features:
- Single key per account - Simplifies management and integration
- Plan-based access - Rate limits and API access determined by your subscription
- Rotate when needed - Generate a new key anytime for security purposes
- Immediate activation - New keys work instantly, old keys are disabled immediately
When you rotate your API key, the old key becomes invalid immediately. Make sure to update all your applications with the new key before rotating.
Security Best Practices
Follow these essential security practices when working with your APIVerve API key:
- Keep keys private - Never expose API keys in client-side code, public repositories, or application logs
- Use server-side only - Make API calls from your backend servers, not directly from browsers or mobile apps
- Store securely - Use environment variables or secure configuration management systems
- Rotate when compromised - Generate a new API key immediately if you suspect it has been exposed
- Monitor usage - Regularly check your dashboard for unexpected API usage patterns
For detailed security recommendations, implementation examples, and advanced protection strategies, visit our Security Best Practices page.
Environment Configuration
Here's how to securely store and use your API key in different environments:
APIVERVE_API_KEY=your_actual_api_key_hererequire('dotenv').config();
const apiKey = process.env.APIVERVE_API_KEY;
const response = await fetch('https://api.apiverve.com/v1/qrcode', {
headers: {
'X-API-Key': apiKey
}
});import os
from dotenv import load_dotenv
import requests
load_dotenv()
api_key = os.getenv('APIVERVE_API_KEY')
response = requests.get(
'https://api.apiverve.com/v1/qrcode',
headers={'X-API-Key': api_key}
)<?php
require_once 'vendor/autoload.php';
$dotenv = Dotenv\Dotenv::createImmutable(__DIR__);
$dotenv->load();
$apiKey = $_ENV['APIVERVE_API_KEY'];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://api.apiverve.com/v1/qrcode');
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'X-API-Key: ' . $apiKey
]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec($ch);
curl_close($ch);
?># Run container with environment variable
docker run -e APIVERVE_API_KEY=your_api_key_here myapp
# Or use Docker Compose
version: '3'
services:
app:
image: myapp
environment:
- APIVERVE_API_KEY=your_api_key_hereAuthentication Errors
Common authentication errors and how to resolve them:
{
"status": "error",
"error": "Invalid API key provided",
"data": null
}Solution: Verify your API key is correct and active in your dashboard.
{
"status": "error",
"error": "API key has been suspended",
"data": null
}Solution: Contact support or check your account status in the dashboard.
{
"status": "error",
"error": "Rate limit exceeded",
"data": null
}Solution: Implement exponential backoff or upgrade your plan for higher limits.
Was this page helpful?
Help us improve our documentation