Overview
The Stanna API uses API keys to authenticate requests. API keys can be created and managed through your dashboard settings page.Creating an API Key
Navigate to Settings
Go to your Stanna Dashboard and click on Settings in the navigation
Using Your API Key
There are two ways to include your API key in requests:Method 1: Authorization Header (Recommended)
Method 2: X-API-Key Header
Example: Testing Your API Key
Here’s a simple test to verify your API key is working:Security Best Practices
Do’s
- Store API keys in environment variables
- Use server-side code to make API calls
- Rotate keys regularly
- Create separate keys for different environments (dev, staging, prod)
- Delete unused keys promptly
Don’ts
- Don’t embed keys in client-side JavaScript
- Don’t commit keys to version control
- Don’t share keys via email or chat
- Don’t use the same key across multiple applications
Managing API Keys
You can manage your API keys through the settings page:- View active keys: See all your active API keys and their last usage
- Delete keys: Remove keys that are no longer needed
- Monitor usage: Track when each key was last used
Troubleshooting
Common Error Messages
| Error | Cause | Solution |
|---|---|---|
401 Unauthorized | Missing or invalid API key | Check that your key is correct and properly formatted |
403 Forbidden | Valid key but wrong workspace | Ensure the workspaceId matches your key’s workspace |
429 Too Many Requests | Rate limit exceeded | Reduce request frequency or implement exponential backoff |
Testing Authentication
To test if your authentication is working correctly:HTTP/2 200. If you see 401 or 403, check your API key and workspace ID.