Authentication
Authenticate API requests with API keys
All Fanbeam API requests require authentication using an API key.
API Keys
API keys are used to authenticate requests and identify your workspace. Each API key is scoped to a specific workspace and has its own rate limits.
Getting Your API Key
- Log in to your Fanbeam account
- Navigate to Settings → API Keys
- Click Create API Key
- Copy the API key (it's only shown once)
Using API Keys
Include your API key in the X-API-Key header:
curl -H "X-API-Key: your-api-key" \
https://fanbeam.app/api/postsJavaScript/TypeScript Example
const response = await fetch('https://fanbeam.app/api/posts', {
headers: {
'X-API-Key': 'your-api-key',
'Content-Type': 'application/json',
},
});SDK Example
If you're using the Fanbeam SDK, pass the API key when initializing the client:
import { Fanbeam } from 'fanbeam';
const client = new Fanbeam({
apiKey: 'your-api-key',
});
const posts = await client.posts.list();Security Best Practices
- Keep API keys secret - Never commit API keys to version control
- Use environment variables - Store API keys in environment variables
- Rotate regularly - Generate new API keys periodically
- Revoke unused keys - Delete API keys that are no longer needed
- Use separate keys - Use different API keys for different environments (dev, staging, prod)
Rate Limits
Each API key has its own rate limit:
- Standard: 100 requests per minute
- Burst: Up to 200 requests in a short burst
Rate limit headers are included in responses:
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1640995200Error Responses
Invalid API Key
{
"error": "UNAUTHORIZED",
"message": "Invalid API key"
}Missing API Key
{
"error": "UNAUTHORIZED",
"message": "API key required"
}