Authentication
The Kawaa API uses API keys to authenticate requests. You can create and manage your API keys in the Dashboard.
Using Your API Key
Include your API key in the X-Api-Key header with every request:
HTTP Header
X-Api-Key: kw_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxAPI Key Types
Live Keys
Prefix: kw_live_
Used for production requests. These keys consume credits and access real data.
Test Keys
Prefix: kw_test_
Used for development and testing. Test keys return mock responses and don't consume credits.
Getting Your API Key
- 1Sign in to your Kawaa Dashboard
- 2Navigate to Settings → API Keys
- 3Click "Create New Key" and give it a name
- 4Copy and securely store your key (it won't be shown again)
Security Best Practices
- •Never expose your API key in client-side code or public repositories
- •Use environment variables to store your keys
- •Rotate your keys periodically and if you suspect they've been compromised
- •Use separate keys for development and production environments
Authentication Errors
| Status | Code | Description |
|---|---|---|
401 | UNAUTHORIZED | Missing or invalid API key |
403 | FORBIDDEN | API key doesn't have permission for this resource |
Example Request
cURL
curl -X POST https://api.kawaa.com/v1/verify \
-H "X-Api-Key: kw_live_xxxxxxxxxxxxxxxxxxxxxxxx" \
-H "Content-Type: application/json" \
-d '{"email": "test@example.com"}'