Server-side Keys
How to create and use server-side API keys
Server-side API keys must be stored securely!
Enable only the scopes you need, and no more, and do NOT expose your keys on the frontend of your app, or your github code repository.
Create a Server-side Key
Navigate to the API Keys section of the developer console and click the “Create new key” button in the server-side keys section.
Select Scopes
Within the modal that opens, toggle the required scopes on and click the “Create server key” button at the bottom. You may need to expand an accordion for the product area you’re working on to expose additional scope options.
You can determine the scopes you need by visiting the API reference page for the API(s) you need to interact with.
Using a Server-side Key
With an API key provisioned and the appropriate scopes you’re ready to use the key. When making API reqeusts, pass a header named X-API-KEY
that includes your API key value.
If you’re using the API Playground you can add your API key in the Authorization section and this will set it as a header when making the request.
When calling the APIs from server-side code, you set the X-API-KEY
header however the target language or library expects it. See some examples below:
All of the API routes in the API Reference include code examples for many popular programming languages.