Authentication
Roastify uses API Keys to authenticate requests and identify your application. You can view and manage your API Key in the Roastify Dashboard.
API Keys
Roastify never stores your API Key (including storage in our database). This means that even in the unlikely event that a database is compromised, API keys are safe. However, we store a sha256 hash of the API Key. When you attempt to verify the API Key, we hash the API Key you provide and compare it to the hash we have stored. If they match, then the API Key is valid.
Obtain a Key
You can obtain an API Key by creating a new Roastify API store. Check out the Create a Store guide to learn how to create a new store.
Using a Key
You will need to authenticate your requests to access the endpoints in the Roastify API. When making requests, you will need to provide your API Key alongside your request. Below is an example of how you can add the token to the request header using cURL:
curl https://api.roastify.app/... \
-H "x-api-key: YOUR_API_KEY"
Warning
Do not share your API Key with anyone. If you believe your API Key has been compromised, you can regenerate one at any time. Regenerating your a key will invalidate your old key.