Authentication
Every /v1/* request requires an API key in the Authorization header. Keys are created from the dashboard.
Bearer token
Send your key as Authorization: Bearer rx_live_…. Treat keys like passwords — never commit them to git or paste them in client-side code.
Authorization: Bearer rx_live_abcdef0123456789...What a key controls
Per-key expiry, per-key spend cap, and revocation are managed from /dashboard/keys.