Authentication
The DocLD API uses API keys for authentication. Include your key in the Authorization header on every request.
API Keys
curl https://docld.com/api/v1/documents \
-H "Authorization: Bearer docld_..."Creating a Key
- Go to Settings → API Keys
- Click Create API Key
- Copy the key immediately — it is shown only once
- Store it securely (environment variable, secrets manager)
Key Format
Keys start with docld_ followed by a random hex string:
docld_14cd6c8f9798ac4a970f6c1ed0b92c3f...Rotating Keys
Rotate keys periodically for security. In the dashboard, go to Settings → API Keys, select a key, and click Rotate. The old key is revoked immediately.
Rate Limits
Rate limits are per API key, based on your plan:
| Plan | Requests / Minute | Requests / Day |
|---|---|---|
| Free | 100 | 10,000 |
| Standard | 1,000 | 100,000 |
| Premium | 10,000 | 1,000,000 |
Rate Limit Headers
Every response includes rate limit headers:
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 950
X-RateLimit-Reset: 1705322400When rate limited you receive a 429 response:
{
"error": {
"type": "rate_limit_error",
"message": "Rate limit exceeded (rpm). Retry after the reset window.",
"code": "rate_limit_exceeded"
}
}Use the Retry-After header to know when to retry.
Security Best Practices
- Never expose keys in client-side code or version control
- Use environment variables —
DOCLD_API_KEY=docld_... - Rotate every 90 days
- Set expiration dates for temporary integrations
- Monitor usage in the dashboard
Last updated on