Secure your API access with authentication tokens.
API Keys
SyncBooks uses API keys for authentication:
- Public Key: Identifies your account
- Secret Key: Authenticates requests (keep private)
- Test Keys: For development and testing
- Live Keys: For production use
Generating API Keys
- Navigate to Settings → API
- Click "Create API Key"
- Enter key name/description
- Select permissions (read, write, delete)
- Choose environment (test or live)
- Generate key
- Copy and securely store secret key
Authentication Methods
Bearer Token (Recommended):
Authorization: Bearer YOUR_SECRET_KEYBasic Auth:
Authorization: Basic base64(api_key:secret)Security Best Practices
- Never commit API keys to version control
- Use environment variables for keys
- Rotate keys regularly (every 90 days)
- Use different keys for each environment
- Revoke compromised keys immediately
- Limit key permissions to minimum required
Key Management
- View all active keys
- Monitor key usage and activity
- Set expiration dates
- Revoke or regenerate keys
- Audit log of key usage
Security: Secret keys provide full access to your account. Treat them like passwords.