Skip to content

Handbook

API keys

API keys authenticate your server-to-server requests to the iplyt platform API.

Create a key

  1. Open API keys in the dashboard.
  2. Click New key and enter a descriptive name (e.g. production-backend).
  3. Copy the full key when shown — it cannot be retrieved later.

Use a key

Send the key in every request:

curl -H "Authorization: Bearer YOUR_API_KEY" \
  "https://YOUR_PLATFORM_HOST/api/v1/lookup?ip=8.8.8.8"

Or use the X-API-Key header. See Authentication.

Manage keys

Action Effect
Disable Temporarily blocks API access; re-enable anytime
Revoke Permanent — create a new key to replace
Set expiry Key stops working after the date (if supported in your UI)

Rotation

  1. Create a new key.
  2. Deploy the new key to your services.
  3. Revoke the old key once traffic has switched.

Plan availability

API keys are included on Professional and Enterprise plans. Starter plans use the dashboard and trial quota without separate keys — upgrade when you need programmatic access.

Security

  • Never expose keys in browser code or mobile apps.
  • Store keys in environment variables or a secrets manager.
  • Use separate keys per environment (staging vs production).

See Security for 2FA and account hardening.