Authentication

The Sequifi API uses API keys to authenticate requests. Include your key in the Authorization header of every request.

API keys

API keys are secret credentials. You can create and manage them in the Dashboard.

• Live keys (sk_live_...) — Use for production and real data.
• Test keys (sk_test_...) — Use for development and sandbox.

Authenticating requests

Send your API key as a Bearer token:

GET /v1/resources HTTP/1.1
Host: api.sequifi.com
Authorization: Bearer sk_live_your_api_key_here

Example with cURL

curl https://api.sequifi.com/v1/resources \
  -H "Authorization: Bearer sk_live_your_api_key_here"

Example with fetch

const response = await fetch('https://api.sequifi.com/v1/resources', {
  headers: {
    Authorization: `Bearer ${process.env.SEQUIFI_API_KEY}`,
  },
});

Keeping your key secure

1. Use environment variables — Never hardcode API keys in source code.
2. Restrict key scope — Create keys with only the permissions your app needs.
3. Rotate keys — Regenerate keys periodically and revoke compromised ones.
4. Server-side only — Do not expose API keys in client-side or mobile code.

Invalid or missing key

If the key is missing or invalid, the API returns:

{
  "error": {
    "code": "unauthorized",
    "message": "Invalid API key provided."
  }
}

HTTP status: 401 Unauthorized.

Next steps

• See Errors & Status Codes for all error responses.
• Check API Reference for endpoint-specific requirements.