Authentication¶
Nimbus uses API keys to authenticate requests. Every request must include
an Authorization header.
- Replace
YOUR_API_KEYwith a key from the dashboard.
Keep your key secret
Never commit API keys to source control or expose them in client-side code. Use environment variables or a secrets manager instead.
Key types¶
| Key type | Scope | Use case |
|---|---|---|
live |
Full read/write on production | Server-side production code |
test |
Full read/write on a sandbox | CI and local development |
readonly |
Read-only on production | Analytics, dashboards |
Rotating keys¶
What happens to the old key?
The previous key remains valid for 24 hours to allow a graceful rollover, then it's automatically revoked.