Skip to main content

API Keys

API keys are used to authenticate your application's requests to the VanityCert API. Each key is unique to your organization and is associated with a specific user and set of permissions.

How to Create an API Key

To create a new API key:

  1. Navigate to the Developer Portal in your settings.
  2. Click the + Create New API Key button.
  3. Fill out the form:
    • Key Name: A descriptive name for your key (e.g., "Main App Integration").
    • Permissions: Select the permissions you want to grant to this key.
    • Expiration Date (Optional): Set a date for the key to automatically expire.
  4. Click Generate Key.
Your API key will be displayed only once upon creation

For security, we do not store the key in plaintext. You must copy and store it securely.

Understanding Your API Key

A VanityCert API key consists of a public key ID and a private secret.

  • Public Key: A public, non-secret identifier used to reference your key (e.g., vc_pk_abc12345).
  • Private Key: The secret part of the key. This is what you must keep confidential.

When making a request to the API, you must send both in separate headers:

X-API-KEY-ID: vc_pk_abc12345
X-API-KEY: your_raw_api_key_secret_here

Security and Best Practices

  • Keep your keys safe. Never commit your API keys to version control (like Git) or expose them in client-side code.
  • Use permissions wisely. Grant each key only the permissions it needs.
  • Use expiration dates. Set expiration dates on keys that are for temporary integrations or testing.
  • Revoke when needed. If a key is compromised, you can revoke it instantly from the Developer Portal.

For more information on how to use your API keys, please refer to our API Reference.