Skip to content

Authentication

API Key

All /v1/ endpoints require authentication via an API key passed in the X-API-Key header:

X-API-Key: sk_live_...

Keys are managed in the Falara Dashboard under Settings → API Keys.

A missing or invalid key returns 401 Unauthorized.

Rate Limiting

The API enforces a rate limit of 50 requests per minute per IP address. Exceeding this limit returns 429 Too Many Requests.

The limit resets on a rolling 60-second window.

Security

Keep your API key server-side

Never expose API keys in client-side code (browser JavaScript, mobile apps). Always route API calls through your backend.

  • API keys are bound to a billing account
  • Rotate keys immediately if compromised — contact support or regenerate via Dashboard
  • Use environment variables or a secrets manager to store keys, never hard-code them

Errors

Code Meaning
401 Missing or invalid X-API-Key header
429 Rate limit exceeded (50 req/min per IP)