Overview

Authentication

Learn how to use API keys to authenticate API requests.

Flatfile provides two different kinds of environment-specific API keys you can use to interact with the API. In addition, you can work with a development key or a production environment.

Read on to learn more about how to think about which keys to use and how to test in development mode.

Testing and development

Environments are isolated entities and are intended to be a safe place to create and test different configurations. A development and production environment are created by default.

isProdNameDescription
falsedevelopmentUse this default environment, and its associated test API keys, as you build with Flatfile.
trueproductionWhen you're ready to launch, create a new environment and swap out your keys.

The development environment does not count towards your paid credits.

Secret and publishable keys

All Accounts have two key types for each environment. Learn when to use each type of key:

TypeIdDescription
Secret keysk_23ghsyuyshs7dcrtyOn the server-side: Store this securely in your server-side code. Don’t expose this key in an application.
Publishable keypk_23ghsyuyshs7dcertOn the client-side: Can be publicly-accessible in your application's client-side code. Use when embedding Flatfile.

The accessToken provided from publishableKey will remain valid for a duration of 24 hours.