Skip to main content

API Keys

Generate an API key

The client SDK provides the generateApiKey method that takes an optional configuration object with the following properties: name and expireAt.

Validate Requests

In order to validate if the API key is valid, you have to make a POST request to the /api_key/verify endpoint with the following payload:

"api_key": "<api-key>"

If the API key is valid, a claims object will be returned:

type Claims = {
sub: string; // the user id
exp: number, // timestamp until the claims expire
traits: Array<string>, // traits given to the user

If the token is invalid, a 401 will be returned.

The test suite provides an example: