API keys
API keys authenticate your server-to-server requests to the iplyt platform API.
Create a key
- Open API keys in the dashboard.
- Click New key and enter a descriptive name (e.g.
production-backend). - Copy the full key when shown — it cannot be retrieved later.
Use a key
Send the key in every request:
curl -H "Authorization: Bearer YOUR_API_KEY" \
"https://YOUR_PLATFORM_HOST/api/v1/lookup?ip=8.8.8.8"
Or use the X-API-Key header. See Authentication.
Manage keys
| Action | Effect |
|---|---|
| Disable | Temporarily blocks API access; re-enable anytime |
| Revoke | Permanent — create a new key to replace |
| Set expiry | Key stops working after the date (if supported in your UI) |
Rotation
- Create a new key.
- Deploy the new key to your services.
- Revoke the old key once traffic has switched.
Plan availability
API keys are included on Professional and Enterprise plans. Starter plans use the dashboard and trial quota without separate keys — upgrade when you need programmatic access.
Security
- Never expose keys in browser code or mobile apps.
- Store keys in environment variables or a secrets manager.
- Use separate keys per environment (staging vs production).
See Security for 2FA and account hardening.
