Authentication
Secure your API requests with API keys
API Keys
API keys are the primary way to authenticate with the CollaBevy API. Each key is tied to your account and can have specific scopes (permissions).
Scopes
When creating an API key, you can select which scopes it should have. This allows you to create keys with limited permissions for specific integrations.
Rate Limits
API requests are rate limited to 60 requests per minute by default. Rate limit headers are included in every response.
API Key Format
API keys follow a predictable format that makes them easy to identify:
sk_- Prefix indicating a secret keylive_- Environment indicator- 32 random characters - Unique identifier
Using Your API Key
Include your API key in the Authorization header of every request:
Authorization: Bearer sk_live_your_api_keyAvailable Scopes
API keys can be created with specific scopes to limit what they can access:
Collaborations
collabs:readView collaborations and their detailscollabs:writeCreate and update collaborationsContracts
contracts:readView contracts and agreementscontracts:writeCreate and update contractsInvoices
invoices:readView invoices and payment statusinvoices:writeCreate and update invoicesDeliverables
deliverables:readView deliverables and submissionsdeliverables:writeCreate and update deliverablesProfile
profile:readView creator profile informationprofile:writeUpdate creator profilePortal
portal:readView portal configurationportal:writeUpdate portal settingsSecurity Best Practices
Never expose your API key
Don't commit API keys to version control or include them in client-side code.
Use minimal scopes
Only grant the permissions your integration actually needs.
Rotate keys regularly
Periodically rotate your API keys, especially if you suspect they may have been compromised.
Ready to get started?
Create your first API key in your dashboard