Authentication
All API requests must be authenticated using an API key. Keys are scoped to your account and grant access to all resources you own.
Generating an API key
Section titled “Generating an API key”- Log in to your BeInfi dashboard.
- Navigate to Settings > Developer > API Keys.
- Click Generate New Key.
- Give the key a descriptive name (e.g., “Production server” or “Testing”).
- Copy the key immediately — it will not be shown again.
Using your API key
Section titled “Using your API key”Include the key in the Authorization header of every request:
curl https://api.beinfi.com/v1/me \ -H "Authorization: Bearer YOUR_API_KEY"A successful response returns your account details:
{ "id": "usr_abc123", "email": "you@example.com", "name": "Your Name", "plan": "pro", "created_at": "2025-01-15T10:30:00Z"}Error responses
Section titled “Error responses”If authentication fails, the API returns a 401 Unauthorized response:
{ "error": "unauthorized", "message": "Invalid or expired API key."}Common causes:
- The API key is missing from the request headers.
- The key was revoked or deleted.
- The key was copied incorrectly (check for trailing whitespace).
Rate limiting
Section titled “Rate limiting”API requests are rate-limited per key:
| Plan | Rate limit |
|---|---|
| Free | 60 requests/minute |
| Pro | 300 requests/minute |
| Business | 1000 requests/minute |
When you exceed the limit, the API returns a 429 Too Many Requests response with a Retry-After header indicating how many seconds to wait.
Key management best practices
Section titled “Key management best practices”- Use separate keys for development and production environments.
- Rotate keys periodically (every 90 days is recommended).
- Revoke unused keys to minimize your attack surface.
- Use environment variables to store keys in your application code.