Authentication

​

API Keys

​

Obtaining Your API Key

1. Navigate to Settings → API Keys in your dashboard
2. Click Generate New API Key
3. Give your key a descriptive name (e.g., “Production Server”)
4. Copy the key immediately (it won’t be shown again)

​

Using Your API Key

Authorization: Bearer YOUR_API_KEY

​

Example Request

curl https://api.infinipost.co/v1/accounts \
  -H "Authorization: Bearer sk_live_abc123..."

​

API Key Types

​

Best Practices

​

Store Keys Securely

// ✅ Good
const apiKey = process.env.INFINIPOST_API_KEY;

// ❌ Bad
const apiKey = 'sk_live_abc123...';

​

Rotate Keys Regularly

1. Generate a new key in the dashboard
2. Update your application to use the new key
3. Delete the old key once confirmed working

​

Use Separate Keys per Environment

• Production API Key → Production server
• Staging API Key → Staging server
• Development API Key → Local development

​

Error Responses

​

Missing API Key

{
  "error": {
    "code": "unauthorized",
    "message": "No API key provided"
  }
}

​

Invalid API Key

{
  "error": {
    "code": "invalid_api_key",
    "message": "The API key provided is invalid"
  }
}

​

Expired API Key

{
  "error": {
    "code": "api_key_expired",
    "message": "This API key has expired"
  }
}

​

Questions?