Authentication
Learn how to authenticate your API requests and manage API keys.
API Keys
Send247 uses API keys to authenticate requests. You can view and manage your API keys in the dashboard under Settings → API Keys.
Key Types
| Prefix | Environment | Use Case |
|---|---|---|
sk_live_ | Production | Live deliveries, real charges |
sk_test_ | Sandbox | Testing, no real deliveries |
Making Authenticated Requests
Include your API key in the Authorization header using Bearer authentication:
authenticated-request.sh
curl https://api.send247.uk/v1/deliveries \ -H "Authorization: Bearer sk_live_your_api_key" \ -H "Content-Type: application/json"Security Best Practices
- Never expose keys in client-side code - API keys should only be used in server-side code
- Use environment variables - Store keys in environment variables, not in source code
- Rotate keys periodically - Generate new keys and deprecate old ones regularly
- Use test keys for development - Never use production keys in test environments
Revoking Keys
If a key is compromised, immediately revoke it in the dashboard. Active API calls using that key will start failing instantly.
⚠️ Keep Your Keys Safe
Treat your API keys like passwords. If you suspect a key has been compromised, revoke it immediately and generate a new one.