Skip to main content

API Keys

All ChatAds API requests require authentication via an API key passed in the x-api-key header. 
curl -H "x-api-key: cak_your_api_key_here" \
  https://api.getchatads.com/v1/chatads/messages

Getting Your API Key

  1. Log into app.getchatads.com
  2. Navigate to API Keys in the sidebar
  3. Click Create Key
  4. Give your key a descriptive name
  5. Copy the key (starts with cak_)
API keys are encrypted at rest and can be revealed or copied anytime from the API Keys page.

API Key Format

ChatAds API keys follow this format: 
cak_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  • Prefix: cak_ (ChatAds Key)
  • 40 hex characters

Security Best Practices

Never expose in client-side code

Keep API keys server-side only. Never include them in browser JavaScript, mobile apps, or public repositories.

Use environment variables

Store API keys in environment variables, not hardcoded in source code.

Rotate keys regularly

Create new keys periodically and revoke old ones.

Use separate keys per environment

Use different keys for development, staging, and production.

Managing API Keys

Revoking Keys

To revoke an API key:
  1. Go to API Keys in the sidebar
  2. Find the key you want to revoke
  3. Click the trash icon to revoke
Revoked keys immediately stop working. Make sure to update your applications before revoking a key.

Team API Keys

API keys belong to your team, not individual users. All team members with appropriate permissions can:
  • Create new API keys
  • View existing keys (masked)
  • Revoke keys
Rate limits are shared across all API keys for a team.