AuthenticationΒΆ

All API requests require authentication using an API key.

API Key AuthenticationΒΆ

ReputeAPI uses API keys passed via the X-API-Key HTTP header.

Example RequestΒΆ

curl -H "X-API-Key: your-api-key-here" \
  https://api.reputeapi.com/api/v1/check?domain=example.com

Getting Your API KeyΒΆ

  1. Sign up at reputeapi.com
  2. Navigate to your dashboard
  3. Click "API Keys" β†’ "Create New Key"
  4. Copy your API key (you won't see it again!)
  5. Store it securely in environment variables

Best PracticesΒΆ

Store Keys SecurelyΒΆ

❌ Never do this: 

api_key = "sk_live_1234567890abcdef"  # Hardcoded!

βœ… Do this instead: 

import os
api_key = os.getenv("REPUTE_API_KEY")

Environment VariablesΒΆ

Bash/Zsh: 

export REPUTE_API_KEY="your-api-key-here"

Windows PowerShell: 

$env:REPUTE_API_KEY="your-api-key-here"

.env file: 

REPUTE_API_KEY=your-api-key-here

Rotate Keys RegularlyΒΆ

Generate new keys periodically and revoke old ones:

  1. Generate new API key
  2. Update your applications
  3. Verify everything works
  4. Revoke the old key

Testing Your API KeyΒΆ

curl -H "X-API-Key: YOUR_API_KEY" \
  https://api.reputeapi.com/api/v1/check?domain=google.com

Expected response: 

{
  "domain": "google.com",
  "score": 95,
  "grade": "Excellent",
  ...
}

Error ResponsesΒΆ

Missing API KeyΒΆ

{
  "error": "Unauthorized",
  "message": "API key required. Get your key at https://reputeapi.com"
}

HTTP Status: 401 Unauthorized

Invalid API KeyΒΆ

{
  "error": "Unauthorized",
  "message": "Invalid API key"
}

HTTP Status: 401 Unauthorized

Revoked API KeyΒΆ

{
  "error": "Unauthorized",
  "message": "This API key has been revoked"
}

HTTP Status: 401 Unauthorized

Multiple API KeysΒΆ

Create separate keys for different environments:

  • Production: REPUTE_PROD_API_KEY
  • Staging: REPUTE_STAGING_API_KEY
  • Development: REPUTE_DEV_API_KEY

This allows you to: - Track usage per environment - Revoke keys without affecting other environments - Set different rate limits

Next StepsΒΆ