API Key | Glossary | DocLD

An API key is a secret credential that identifies and authenticates your application when calling the DocLD API. You pass it in the Authorization header (e.g., Bearer YOUR_API_KEY). API keys are created in the DocLD dashboard and should be stored securely; they grant access to your organization’s resources.

Best Practices

Keep keys secret — Do not commit keys to source control or expose them in client-side code.
Rotate — Rotate keys periodically or if compromised; create new keys in the dashboard and revoke old ones.
Scoping — Use separate keys per environment (e.g., development vs production) or per integration if supported.

Authentication and authorization are enforced using API keys; rate limits and quotas apply per key or per organization.

API keys enable authentication for the API. Authorization determines what the key can access. Keys are managed in the dashboard.

Frequently Asked Questions

Best Practices

Keep keys secret — Do not commit keys to source control or expose them in client-side code.
Rotate — Rotate keys periodically or if compromised; create new keys in the dashboard and revoke old ones.
Scoping — Use separate keys per environment (e.g., development vs production) or per integration if supported.

Authentication and authorization are enforced using API keys; rate limits and quotas apply per key or per organization.

API keys enable authentication for the API. Authorization determines what the key can access. Keys are managed in the dashboard.

Best Practices

Related Concepts

Frequently Asked Questions

Best Practices

Related Concepts

Frequently Asked Questions