Authentication

To access any endpoints in the Velstack API, you must authenticate your requests. The Velstack API uses API keys for authentication, which must be included in the Authorization header of each request. You can view and manage your API keys in the Velstack Dashboard.

There are two types of API keys:

Public Key (pk_live__): Used in your front-end for client-side integrations and certain services. Public keys cannot modify account data or perform sensitive operations.

Secret Key (sk_live): Used in your back-end server. Must be kept confidential and never exposed in client-side code.

Public keys are intended for use in your front-end when integrating with Velstack services. By design, public keys cannot modify any part of your account, except for initiating SMS campaigns. Conversely, secret keys must be kept confidential. If you suspect that your secret key has been compromised or need to reset it, you can do so from the dashboard.

Authorization format

<span><span style="color: var(--shiki-color-text)">curl https://api.velstack.com/v/sms/quick \</span></span>
<span><span style="color: var(--shiki-color-text)">-H </span><span style="color: var(--shiki-token-string-expression)">&quot;Authorization: Bearer sk_live_your_key&quot;</span></span>
<span></span>