Authentication

API key management and security best practices

VeroID uses API keys for authentication. Each request must include a valid API key in the X-API-Key header.

API Key Types

Live Keys (`sk_live_*`)

Used for production verifications
Deduct credits from your account
Results are recorded and billable

Sandbox Keys (`sk_sandbox_*`)

Used for testing and development
Don't deduct credits
Return simulated responses

Using API Keys

curl -X POST https://api.veroid.com.au/v1/verify \
  -H "Content-Type: application/json" \
  -H "X-API-Key: sk_live_your_api_key" \
  -d '{ ... }'

Security Best Practices

Store Keys Securely

# Use environment variables
export VEROID_API_KEY="sk_live_..."

Never Expose Keys

Error: Never include API keys in client-side code, Git repositories, or public URLs.

Managing API Keys

Go to Dashboard > API Keys
Click Create API Key
Choose environment (live or sandbox)
Copy the key immediately (it won't be shown again)

Getting Started

Previous Page

Sandbox Mode

Next Page