All API requests to TinyValidator require authentication via API keys.
Creating API Keys
- Log in to your dashboard
- Find the API Keys section
- Click Create Key
- Give your key a descriptive name (e.g., "Production", "Development")
- Copy the key immediately - it won't be shown again
Using Your API Key
You can authenticate requests in two ways:
Option 1: Authorization Header (Recommended)
Include your API key in the Authorization header:
Authorization: Bearer your_api_key_hereExample:
curl "https://tinyvalidator.com/api/v1/[email protected]" \
-H "Authorization: Bearer your_api_key_here"Option 2: Query Parameter
Pass your API key as the api_key query parameter:
curl "https://tinyvalidator.com/api/v1/[email protected]&api_key=your_api_key_here"API Key Best Practices
Keep Keys Secret
Never expose API keys in:
- Client-side JavaScript
- Public repositories
- Browser network requests
- Log files
Use Environment Variables
// Good: Load from environment
const apiKey = process.env.TINYVALIDATOR_API_KEY;
// Bad: Hardcoded key
const apiKey = 'sk_abc123...';Rotate Keys Regularly
- Create new keys periodically
- Delete unused keys
- Rotate immediately if a key is compromised
Use Separate Keys for Environments
| Environment | Key Name |
|---|---|
| Development | dev-local |
| Staging | staging-ci |
| Production | production-main |
Error Responses
Invalid API Key
{
"error": "unauthorized",
"message": "Invalid or missing API key"
}Rate Limit Exceeded
{
"error": "rate_limit_exceeded",
"message": "Too many requests. Please try again later."
}Next Steps
- Start Verifying Emails
- Learn about Quality Scores