x-key header.
Get your API key
- Sign up at app.revenuebase.ai.
- Go to Developers located in the sidebar and copy the Production API Key.
Send the key with every request
x-key header — not in Authorization, not as a query parameter.
Handle authentication errors
A missing or invalid key returns401 Unauthorized:
403 Forbidden:
- The header name is
x-key(notAuthorizationorx-api-key) - You copied the full key with no leading or trailing spaces
- The key hasn’t been revoked in the dashboard
Keep keys secure
- Never commit keys to version control — use environment variables or a secrets manager
- Server-side only — don’t expose keys in client-side code, mobile apps, or browser requests
- Rotate if compromised — create a new key in the dashboard and revoke the old one immediately
