Skip to main content
Back to Help Center
API

API Authentication

10 min read
Last updated: March 2025

Secure API access

Learn how to authenticate with our API using API keys and implement secure authentication patterns for your applications.

Authentication methods

1

API Keys

Use API keys to authenticate your requests. Each key is unique to your account and can be managed in your dashboard.

How to get your API key:

  1. Log in to your account
  2. Go to Settings → API Keys
  3. Click "Generate new key"
  4. Copy and store securely

Using API keys in requests:

# Header method
Authorization: Bearer your_api_key_here
# Query parameter (less secure)
GET /api/audits?api_key=your_api_key_here
2

OAuth 2.0 (Coming Soon)

OAuth 2.0 authentication will be available for enterprise customers requiring more advanced access control and user delegation.

Coming Soon

OAuth 2.0 support is planned for Q2 2025. Contact our sales team for enterprise requirements.

Managing API keys

Key Permissions

  • • Read-only access
  • • Full audit access
  • • Account management
  • • Billing information
  • • Custom permissions

Security Features

  • • Rate limiting per key
  • • IP address restrictions
  • • Expiration dates
  • • Usage monitoring
  • • Instant revocation

Security best practices

Store keys securely

Never commit API keys to version control. Use environment variables or secure key management services.

Use read-only keys when possible

Create separate read-only API keys for applications that only need to retrieve data.

Rotate keys regularly

Generate new keys periodically and revoke old ones to maintain security.

Monitor API usage

Regularly check your API usage logs for suspicious activity or unauthorized access.

Rate limiting

Understanding rate limits

API requests are subject to rate limiting to ensure fair usage and system stability. Different endpoints have different limits based on their resource requirements.

100
Requests per minute
Basic plan
500
Requests per minute
Pro plan
2000
Requests per minute
Enterprise plan

Rate limit headers

X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1640995200

Authentication errors

401 Unauthorized

Invalid or missing API key. Check your Authorization header.

403 Forbidden

API key doesn't have permission for this endpoint or action.

429 Too Many Requests

Rate limit exceeded. Wait for the reset time or upgrade your plan.

Code examples

JavaScript/Node.js

// Using fetch
const response = await fetch('https://api.seo-audit.com/v1/audits', {'
method: 'GET',
headers: {'
'Authorization': 'Bearer YOUR_API_KEY',
'Content-Type': 'application/json'
}
});
// Using axios
const axios = require('axios');
const response = await axios.get('https://api.seo-audit.com/v1/audits', {'
headers: {'
'Authorization': 'Bearer YOUR_API_KEY'
}
});

Python

# Using requests
import requests
headers = {'
'Authorization': 'Bearer YOUR_API_KEY',
'Content-Type': 'application/json'
}
response = requests.get('https://api.seo-audit.com/v1/audits', headers=headers)

cURL

curl -X GET "https://api.seo-audit.com/v1/audits" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json"

Need help with authentication?

If you're having trouble with API authentication or need help setting up your integration, our developer support team is here to help.

Contact Developer SupportAPI DocumentationWebhooks Guide