API Keys
Send your key in the bearer header on every request.
Authorization: Bearer sk_live_abc123...
| Scope | What it allows |
|---|
read | Read resources |
write | Create and update resources |
usage:write | Record usage events from your server |
checkout:write | Create checkout sessions |
Never expose your API key in frontend, mobile, or client-side code. Always call the Accend API from your server.
Create separate keys per environment and per service. A checkout service and a usage service should not share the same key.
