Skip to main content

API Keys

All API requests require authentication via API key.

Creating an API Key

  1. Go to Settings → API Keys
  2. Click Create API Key
  3. Name your key (e.g., “GitHub Actions”, “Jenkins”)
  4. Copy the key immediately (only shown once)
  5. Store securely in your environment
Create API Key

Using API Keys

Request Header

Include your API key in the Authorization header: 
Authorization: Bearer YOUR_API_KEY

Example Request

curl -X POST https://backend.revyl.ai/api/v1/tests/execute \
  -H "Authorization: Bearer rev_1234567890abcdef" \
  -H "Content-Type: application/json" \
  -d '{
    "test_id": "test-abc-123"
  }'

Environment Variables

Store API keys as environment variables:

Bash

export REVYL_API_KEY="rev_1234567890abcdef"

curl -H "Authorization: Bearer $REVYL_API_KEY" \
  https://backend.revyl.ai/api/v1/tests

GitHub Actions

env:
  REVYL_API_KEY: ${{ secrets.REVYL_API_KEY }}

steps:
  - name: Run Test
    run: |
      curl -H "Authorization: Bearer $REVYL_API_KEY" \
        https://backend.revyl.ai/api/v1/tests/execute

Python

import os
import requests

api_key = os.environ['REVYL_API_KEY']

headers = {
    'Authorization': f'Bearer {api_key}',
    'Content-Type': 'application/json'
}

response = requests.post(
    'https://backend.revyl.ai/api/v1/tests/execute',
    headers=headers,
    json={'test_id': 'test-abc-123'}
)

Security Best Practices

✅ Do

  • Store keys in environment variables or secret managers
  • Use different keys for different environments (dev, staging, prod)
  • Rotate keys regularly
  • Delete unused keys

❌ Don’t

  • Commit keys to version control
  • Share keys in plaintext (Slack, email)
  • Use the same key across multiple projects
  • Log or print keys in application code

Key Management

Rotating Keys

  1. Create new API key
  2. Update environment variables in CI/CD
  3. Test with new key
  4. Delete old key

Deleting Keys

  1. Go to Settings → API Keys
  2. Click Delete on the key
  3. Confirm deletion
  4. Update any services using that key

Error Responses

Invalid Key

{
  "detail": "Invalid API key"
}
Status: 401 Unauthorized

Missing Key

{
  "detail": "Authorization header missing"
}
Status: 401 Unauthorized

Expired Key

{
  "detail": "API key expired"
}
Status: 401 Unauthorized