API Keys

​

Understanding API Keys

• User-specific: Each API key belongs to a specific user within your organization
• Permission-based: Keys inherit the permissions of the user they belong to
• Format: All keys follow the pattern sk_live_... for live environment
• Bearer tokens: Used in the Authorization header of API requests

​

Creating API Keys

1. Log into your Paygentic Dashboard
2. Navigate to Settings → API Keys
3. Click Create New Key
4. Provide a descriptive name for the key
5. Copy the generated key immediately (it won’t be shown again)

​

Managing API Keys

​

Viewing API Keys

• View all active API keys
• See the creation date and last used date
• Identify keys by their descriptive names
• View partial key values (last 4 characters)

​

Revoking API Keys

1. Navigate to Settings → API Keys
2. Find the key you want to revoke
3. Click the Revoke button
4. Confirm the action

​

Best Practices

​

Security

• Never commit API keys to version control
• Use environment variables or secure secret management systems
• Rotate keys regularly
• Revoke unused or compromised keys immediately
• Use different keys for different environments (development, staging, production)

​

Organization

• Use descriptive names for your API keys
• Create separate keys for different applications or services
• Monitor key usage to identify inactive keys
• Document which keys are used by which applications

​

Using API Keys

curl -H "Authorization: Bearer sk_live_YOUR_API_KEY" \
  https://api.paygentic.sh/v0/products

​

Troubleshooting

​

Invalid API Key

• Verify the key is correctly formatted
• Check that the key hasn’t been revoked
• Ensure you’re using the correct key for your environment

​

Permissions Issues

• Verify the user associated with the API key has the required permissions
• Check that the key is being used for the correct organization
• Contact your organization administrator if you need additional permissions