Authentication & API Keys
Getting Started

Authentication & API Keys

Learn how to authenticate your API requests and manage your API keys.

Authentication Methods

All API requests to RsFlowHub must be authenticated. You can pass your API key using one of the two methods below. We recommend using the Header method for better security.

Method 1: HTTP Header (Recommended)

Pass the key in the Authorization header using the Bearer token scheme.

HTTP Header 
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json

Method 2: Request Body

Include the api_key property directly in your JSON payload.

JSON Payload 
{
  "api_key": "YOUR_API_KEY",
  ...
}
Keep your key secret
Never expose your API key in client-side code, public repos, or frontend JavaScript. Rotate or revoke keys immediately if compromised via your Dashboard → API Keys.

Managing API Keys

You have complete control over your API keys from the Dashboard. We support the following key management features:

Generate

Create API keys with custom names and optional expiration dates to track different applications securely.

Activate & Deactivate

Temporarily pause an API key. A deactivated key will be blocked immediately without being permanently deleted.

Rotate (Regenerate)

Instantly invalidate the old key and issue a new one under the same name and limit settings.

Revoke (Delete)

Permanently revoke and delete an API key when it is no longer needed.

Ready to build?

Create your free account and make your first API call in minutes.

Get API Key Open Playground