Authentication
API Authentication
BillOver API uses API keys to authenticate requests. You need to include your API key in the header of every request.
Request Headers
Api-Key: your_api_key_here
Example Request
curl -X GET https://api.billover.com/v1/invoices/ \
-H "Api-Key: your_api_key_here"
Important
Keep your API keys secure and never share them in publicly accessible areas such as GitHub, client-side code, or public forums.
Authentication Errors
If there’s an authentication problem, the API will return a 401 Unauthorized response.
Example Error Response
{
"error": {
"code": "unauthorized",
"message": "Invalid or missing API key"
}
}
Best Practices
- Store API keys in environment variables or secure configuration files
- Use different API keys for development and production environments
- Implement proper key rotation policies
- Monitor API key usage for suspicious activities
- Revoke compromised API keys immediately