Authentication

All Fanbeam API requests require authentication using an API key.

API Keys

API keys are used to authenticate requests and identify your workspace. Each API key is scoped to a specific workspace and has its own rate limits.

Getting Your API Key

1. Log in to your Fanbeam account
2. Navigate to Settings → API Keys
3. Click Create API Key
4. Copy the API key (it's only shown once)

Using API Keys

Include your API key in the X-API-Key header:

curl -H "X-API-Key: your-api-key" \
  https://fanbeam.app/api/posts

JavaScript/TypeScript Example

const response = await fetch('https://fanbeam.app/api/posts', {
  headers: {
    'X-API-Key': 'your-api-key',
    'Content-Type': 'application/json',
  },
});

SDK Example

If you're using the Fanbeam SDK, pass the API key when initializing the client:

import { Fanbeam } from 'fanbeam';

const client = new Fanbeam({
  apiKey: 'your-api-key',
});

const posts = await client.posts.list();

Security Best Practices

1. Keep API keys secret - Never commit API keys to version control
2. Use environment variables - Store API keys in environment variables
3. Rotate regularly - Generate new API keys periodically
4. Revoke unused keys - Delete API keys that are no longer needed
5. Use separate keys - Use different API keys for different environments (dev, staging, prod)

Rate Limits

Each API key has its own rate limit:

• Standard: 100 requests per minute
• Burst: Up to 200 requests in a short burst

Rate limit headers are included in responses:

X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1640995200

Error Responses

Invalid API Key

{
  "error": "UNAUTHORIZED",
  "message": "Invalid API key"
}

Missing API Key

{
  "error": "UNAUTHORIZED",
  "message": "API key required"
}

Next Steps

• View API Endpoints
• Rate Limits
• SDK Documentation