Docs
Sign inSign up

Authentication

All API requests must include an API key. Keys are issued per customer from the dashboard.

Header format
Send the key as a Bearer token in the Authorization header.
Authorization: Bearer sk_live_YOUR_API_KEY
Generating a key
Self-serve from the dashboard. Admins can revoke any customer's key.
  1. Sign in and open /dashboard/api-keys.
  2. Click Create key and give it a label.
  3. Copy the raw token. It is shown only once — we store only its hash.
Key lifecycle
  • Active — usable for any authenticated request.
  • Revoked — disabled from the dashboard. All subsequent requests return 401. Cannot be undone; create a new key instead.
  • Expired — keys may have an optional expiry. We recommend rotating keys every 90 days.
Best practices
  • Use environment variables (API_KEY) and a secret manager for production.
  • Issue separate keys per environment (staging / production) so you can revoke independently.
  • Rotate keys on personnel changes or any suspected exposure.
Send the Authorization header
curl
curl partner.dattaremit.com/api/v1/fx-rates \
  -H "Authorization: Bearer sk_live_YOUR_API_KEY"