API Key Format
AhaSend API keys follow this format:Keep your API keys secure and never expose them in client-side code, version control, or logs.
Obtaining Your API Key
- Log in to your AhaSend dashboard
- Navigate to API Keys
- Click “Create API Key”
- Select the appropriate scopes for your use case
- Copy and securely store your new API key
API keys are only displayed once during creation. Make sure to copy and store them securely.
Making Authenticated Requests
Authentication to the API is performed via HTTP Bearer Authentication. Provide your API key in theAuthorization
header:
Security Best Practices
Server-Side Only
Only use API keys in server-side applications. Never include them in client-side code.
Secure Storage
Store API keys in environment variables or secure configuration management systems.
Principle of Least Privilege
Create API keys with only the minimum scopes required for your use case.
Regular Rotation
Regularly rotate your API keys and immediately revoke any compromised keys.
Environment Variables
Store your API key as an environment variable:Testing Authentication
You can test your authentication by making a simple request to the Ping utility endpoint:If you’re getting authentication errors, double-check that your API key is correct and that it has the necessary scopes for the endpoint you’re trying to access.
Next Steps
Now that you understand authentication, you can:- Explore API Scopes to understand permission levels
- Check Rate Limits to understand usage restrictions
- Start sending messages with the API