Skip to main content

Authentication

Rayda uses API keys to authenticate requests. You need to include your API key as a header in all requests to ensure that your application can interact securely with our API.

Getting Your API Key

To obtain your API key, navigate to the API Keys Dashboard. Ensure that your account is on either the Premium or Enterprise plan to access the API keys. Once you have your key, you can start making authenticated requests to our API.

Using the API Key

To authenticate API requests, include your API key in the Authorization header as follows: 
Authorization: Bearer YOUR_API_KEY_HERE

Example Request

Here’s an example of how you would make an authenticated API request using the Authorization header: 
curl -X GET https://sandbox-remote-api.rayda.co/api/v2 \
  -H "Authorization: Bearer YOUR_API_KEY_HERE"
This ensures that the request is authorized and the API can verify the authenticity of the caller. API requests that are made without authentication will return a 401: Unauthorized status code with response: 
{
    "message": "Unauthorized"
}
Additionally, all API requests must be transmitted over HTTPS.

Security Considerations

  • Never expose your API key publicly: For example, do not include it in client-side code, public repositories, or other unsecured places. API keys should always be kept secure.
  • Rotate your API keys periodically: To maintain security, it is important to generate new API keys and revoke old ones. You can manage your keys through the API Keys Dashboard.
  • Use Environment Variables: It is best practice to store your API key in environment variables on your server or development environment rather than hardcoding them directly into your application.
By following these practices, you can ensure secure, authorized access to the Rayda API and help protect your sensitive data.