Authentication
Learn how to authenticate with the Vavolta API using API keys.
API Keys
The Vavolta API uses API keys for authentication. Each API key has specific permissions that control what actions can be performed.
Creating an API Key
- Navigate to Settings > Developer in your dashboard
- Click Create API Key
- Enter a descriptive name for your key
- Select the permissions:
- Read: View lead magnets, links, and analytics
- Write: Create and modify resources
- Both: Full access
- Click Create
Your API key is only shown once during creation. Store it securely!
Using Your API Key
Include your API key in the Authorization header of every request:
cURL CommandN8N Ready
API Key Scopes
| Scope | Permissions |
|---|---|
read | View resources, retrieve analytics |
write | Create, update, delete resources |
read:write | Full access to all endpoints |
Best Practices
Security
- Never expose API keys in client-side code
- Don't commit keys to version control
- Use environment variables to store keys
- Rotate keys periodically
Key Management
- Create separate keys for different applications
- Use descriptive names to identify key usage
- Delete unused keys promptly
Example: Environment Variables
Store your API key in an environment variable:
bash
Then use it in your code:
javascript
Revoking Keys
To revoke an API key:
- Go to Settings > Developer
- Find the key you want to revoke
- Click the Delete button
- Confirm the deletion
Revoking a key is immediate and permanent. Any applications using the key will lose access.