GuardCrow
Docs

Authentication

All API requests require authentication using an API key. This page explains how to obtain and use your API keys securely.

Using Your API Key

Include your API key in the X-API-Key header with every request:

Terminalbash
curl -X POST https://api.guardcrow.com/v1/analyze \
  -H "X-API-Key: sk_live_your_api_key_here" \
  -H "Content-Type: application/json" \
  -d '{"content": "Hello world"}'

Getting Your API Key

1

Sign in to your Dashboard

2

Navigate to your project or create a new one

3

Go to the API Keys section

4

Click "Create API Key" and copy your new key

API Key Format

API keys follow this format:

sk_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  • sk_live_ prefix indicates a production key
  • The key is 32+ characters of random alphanumeric characters

Keep Your API Keys Secure

  • • Never expose API keys in client-side code or public repositories
  • • Use environment variables to store keys
  • • Rotate keys periodically and if compromised
  • • Use different keys for development and production

Best Practices

Use environment variables

Store your API key in an environment variable, not in your code.

# .env file
GUARDCROW_API_KEY=sk_live_your_key_here

Server-side only

Always make API calls from your server, never from the browser.

// ✅ Good: Server-side (Node.js, Python, etc.)
const apiKey = process.env.GUARDCROW_API_KEY;


// ❌ Bad: Client-side (exposed in browser)
const apiKey = "sk_live_xxx"; // Never do this!

Revoking API Keys

If you believe your API key has been compromised, revoke it immediately:

  1. Go to your project settings in the Dashboard
  2. Find the compromised key in the API Keys list
  3. Click the revoke/delete button
  4. Create a new API key and update your application

Note: Revoked keys are immediately invalidated. Any requests using a revoked key will receive a 401 Unauthorized response.