The Afi API uses API keys to authenticate requests. You can view and manage your API keys on the Apps tab in the Afi Backup panel.
Your API keys carry many privileges and allow access to all the tenants which installed your Application, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, WhatsApp, Email, and so forth.
Authentication is performed via HTTP Authorization header with a value set to the API key. Example of an authenticated request:
curl https://papi.afi.ai/api/v1/tenants/01F000000000000411Z1101G1Y \
-H 'Authorization: appkey-93f742c166126bbc'
All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.
Each Application can have up to two API keys for the seamless key rotation.