search

Authentication

All API requests to Bedrock require authentication using an API key.

hashtag
API Keys

API keys are used to authenticate requests to the Bedrock API. You can generate and manage API keys from the Settingsarrow-up-right page in your dashboard.

hashtag
Key Format

API keys follow this format:

sk_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

hashtag
Using Your API Key

Include your API key in the X-API-Key header:

curl https://api.bedrock.io/v1/charges \
  -H "X-API-Key: sk_live_your_api_key"

hashtag
IP Whitelisting

For additional security, you can restrict API key usage to specific IP addresses.

hashtag
Configure IP Whitelist

  1. Go to Settings in your dashboard

  2. Under API Access, add allowed IP addresses

  3. Supports individual IPs and CIDR notation (e.g., 192.168.1.0/24)

When IP whitelisting is enabled, requests from non-whitelisted IPs will be rejected with a 401 Unauthorized error.

hashtag
Key Rotation

To rotate your API key:

  1. Go to Settings in your dashboard

  2. Click Regenerate API Key

  3. Update your integration with the new key

circle-exclamation

Regenerating your API key will immediately invalidate the old key. Make sure to update your integration before regenerating.

hashtag
Security Best Practices

  • Never expose your API key in client-side code

  • Use environment variables to store API keys

  • Rotate keys periodically

  • Enable IP whitelisting for production environments

  • Use separate keys for testing and production

PreviousIntroductionNextQuick Start

Last updated