Authentication
The CamelStep API uses API keys for authentication. You can view and manage your API keys in the Dashboard.
Authorization Header
All API requests (except static assets) must include your API key in the Authorization HTTP header.
HTTP
Authorization: Bearer <CAMELSTEP_API_KEY>Security Best Practices
- Do not share your API keys with others or expose them in client-side code (browsers).
- Do not commit API keys to version control systems like Git.
- If you suspect an API key has been compromised, roll it immediately in the dashboard.
Handling Auth Errors
If authentication fails, the API will return a 401 Unauthorized status code.
JSON
{
"error": {
"message": "Invalid API key provided",
"type": "invalid_request_error",
"param": null,
"code": "invalid_api_key"
}
}