Creating an API Key
1
Log in to Dashboard
Go to app.chariow.com and log in to your account.
2
Navigate to Settings
Click on Settings in the sidebar.
3
Open API Keys
Select API Keys from the settings menu.
4
Create New Key
Click Create API Key, give it a descriptive name, and copy the generated key.
Making Authenticated Requests
Include your API key in theAuthorization header of every request:
Example Request
Key Security Best Practices
Use Environment Variables
Use Environment Variables
Store API keys in environment variables, not in your codebase:
Use Different Keys for Environments
Use Different Keys for Environments
Create separate API keys for development, staging, and production environments. This limits the impact if a key is compromised.
Rotate Keys Regularly
Rotate Keys Regularly
Periodically create new keys and deprecate old ones. This limits the window of opportunity for compromised keys.
Monitor Key Usage
Monitor Key Usage
Regularly review your API key usage in the dashboard. Look for unusual patterns that might indicate unauthorised access.
Restrict Server-Side Only
Restrict Server-Side Only
Never expose your API key in client-side code (JavaScript running in browsers). All API calls should be made from your server.
Authentication Errors
If authentication fails, you’ll receive a401 Unauthorised response:
| Error | Cause | Solution |
|---|---|---|
| Missing header | No Authorization header | Add the header to your request |
| Invalid key | Key doesn’t exist or was deleted | Generate a new key in your dashboard |
| Wrong store | Key belongs to a different store | Use the correct key for your store |
Rate Limiting
API keys are subject to rate limiting to ensure fair usage:- 10 requests per minute per API key
429 Too Many Requests response.
Need higher rate limits? Contact our support team at [email protected].