Flux uses API keys to authenticate requests. You can view and manage your API keys in the dashboard.
API Key Types
| Type | Prefix | Use Case |
|---|
| Live | sk_live_ | Production environment |
| Test | sk_test_ | Development and testing |
Using Your API Key
Include your API key in the Authorization header:
curl https://api.flux.dev/v1/events \
-H "Authorization: Bearer sk_live_your_api_key"
const flux = new Flux('sk_live_your_api_key');
Keep your API keys secure. Never commit them to version control or expose them in client-side code.
Environment Variables
We recommend storing your API key in an environment variable:
# .env
FLUX_API_KEY=sk_live_your_api_key
import Flux from '@flux/node';
const flux = new Flux(process.env.FLUX_API_KEY);
# .env
FLUX_API_KEY=sk_live_your_api_key
import os
from flux import Flux
flux = Flux(os.environ["FLUX_API_KEY"])
Key Rotation
To rotate an API key:
- Create a new key in the dashboard
- Update your application to use the new key
- Delete the old key
Create a new key before deleting the old one to avoid downtime.
Scoped Keys
Enterprise plans support scoped API keys with limited permissions:
const scopedKey = await flux.apiKeys.create({
name: 'Analytics Service',
scopes: ['events:read'],
expiresAt: '2025-01-01T00:00:00Z'
});
| Scope | Description |
|---|
events:read | List and retrieve events |
events:write | Create events |
webhooks:read | List webhooks |
webhooks:write | Create and delete webhooks |
Rate Limits
API requests are rate limited based on your plan:
| Plan | Requests per second |
|---|
| Free | 10 |
| Pro | 100 |
| Enterprise | Custom |
429 response with a Retry-After header. 
