API Keys
Learn how to obtain and manage your Keverd API keys for authentication
How to Get API Keys
Sign Up or Log In
Create an account or log in to your existing Keverd account at dashboard.keverd.com
Navigate to API Keys
Once logged in, go to the API Keys section in the dashboard navigation menu.
Create a New API Key
Click the "Create API Key" button and provide a descriptive name for your key.
Example names: "Production App", "Development Environment", "Mobile App v1.0"
Copy Your API Key
After creation, your API key will be displayed only once. Make sure to copy it immediately and store it securely.
Important: API keys are only shown once. If you lose your key, you'll need to create a new one.
Using Your API Key
Once you have your API key, you can use it to initialize any of the Keverd SDKs. Here's how to use it in each SDK:
Android SDK
val config = Config(
apiBaseUrl = "https://api.keverd.com",
apiKey = "your-api-key-here",
consentRequired = true
)
val sdk = KeverdFingerprint.init(context, config)Vanilla JavaScript
import { Keverd } from '@keverdjs/fraud-sdk';
Keverd.init({
apiKey: 'your-api-key-here',
endpoint: 'https://api.keverd.com'
});React SDK
import { KeverdProvider } from '@keverdjs/fraud-sdk-react';
<KeverdProvider
loadOptions={{
apiKey: 'your-api-key-here',
}}
>
<App />
</KeverdProvider>Vue.js SDK
import { createApp } from 'vue';
import { KeverdPlugin } from '@keverdjs/fraud-sdk-vue';
const app = createApp(App);
app.use(KeverdPlugin, {
apiKey: 'your-api-key-here'
});Angular SDK
import { KeverdModule } from '@keverdjs/fraud-sdk-angular';
@NgModule({
imports: [
KeverdModule.forRoot({
apiKey: 'your-api-key-here'
})
]
})Best Practices
Store Keys Securely
Never commit API keys to version control. Use environment variables or secure configuration management. For web applications, use environment variables (like process.env.KEVERD_API_KEY). For mobile apps, use secure storage mechanisms provided by the platform.
Use Different Keys for Environments
Create separate API keys for development, staging, and production environments. This allows you to track usage separately, apply different rate limits, and rotate keys independently. It also helps isolate issues and prevents production keys from being exposed in development environments.
Rotate Keys Regularly
Periodically rotate your API keys for enhanced security. Create a new key, update your applications, then delete the old key. We recommend rotating keys every 90 days for production applications. The dashboard allows you to disable keys without deleting them, making it easy to test new keys before fully rotating.
Monitor Key Usage
Regularly check your API key usage in the dashboard to monitor activity and detect any unauthorized access. The dashboard provides detailed analytics including request counts, error rates, and usage patterns. Set up alerts for unusual activity or when usage exceeds expected thresholds.
Use Descriptive Names
Give your API keys descriptive names that indicate their purpose and environment. This makes it easier to manage multiple keys and identify which key is being used in which application. Examples: "Production Web App", "Staging Mobile App", "Development Testing".
Workspace Association
API keys can be associated with specific workspaces (tenants) for better organization and access control. When creating an API key, you can optionally specify which workspace it belongs to. This is particularly useful for organizations with multiple teams or projects.
Workspace association allows you to:
- Organize API keys by team, project, or department
- Apply different access controls and permissions per workspace
- Track usage and analytics separately for each workspace
- Manage billing and subscriptions at the workspace level
Note: If you're part of multiple workspaces, make sure to select the correct workspace when creating API keys to ensure proper access control and analytics tracking. You can switch between workspaces in the dashboard using the workspace selector in the top navigation.