API Keys
Generate and manage authentication keys for Roark APIs
Overview
API keys are required to authenticate and authorize requests to our platform. They allow you to securely interact with our API, whether you’re manually posting call recordings or integrating with third-party services like Retell and VAPI.
With API keys, you can:
- Authenticate requests to the API.
- Control access levels (read-only or full access).
- Track API usage with the last-used timestamp.
API keys are essential for securely interacting with the platform and should be kept private.
Generating an API Key
Creating an API key is simple and takes just a few clicks.
- Navigate to the API Keys section on your dashboard.
- Click the Create a
Create API Keybutton. - Set API Key Permissions - choose between:
- Read-Only Access: Can only retrieve data, no modifications.
- Full Access: Can read and write data, including posting new call recordings.
- Save & Secure Your Key: Once generated, copy your API key and store it securely. You won’t be able to see the full key again after you leave this page.
Using Your API Key
Once you have generated an API key, you need to include it in your API requests for authentication.
Example Request
This applies to all API endpoints, which are documented in the API Reference.
Monitoring API Key Usage
We provide insights into how and when your API key is used:
- Each API key displays the last used timestamp, helping you monitor activity.
- You can revoke and regenerate keys at any time for security purposes.
To check when an API key was last used, visit the API Keys section in your dashboard.
Best Practices for API Key Security
- Keep API keys private: Never share your key in public repositories, client-side code, or untrusted environments.
- Use environment variables: Store API keys securely in your backend instead of hardcoding them.
- Regenerate periodically: Regularly rotating your API keys enhances security.
- Revoke unused keys: If a key hasn’t been used for a long time, consider revoking it