Skip to main content
Velobase uses API keys to authenticate requests. You can create and manage API keys from your dashboard under the API Keys section of any project.

Bearer Token

Provide your API key in the Authorization HTTP header using the Bearer scheme. 
Authorization: Bearer <your_api_key_here>

Example Request

curl https://api.velobase.io/v1/health \
  -H "Authorization: Bearer vb_1234567890abcdef"

Key Scoping

  • Project Isolation: Every API key is scoped to a specific project. An API key created in Project A cannot access customers or ledgers in Project B.
  • Roll and Revoke: You can revoke an API key at any time from the dashboard if you suspect it has been compromised. Requests using a revoked key will immediately start failing with an api_key_revoked error.

Authentication Errors

If your request cannot be authenticated, Velobase returns a 401 Unauthorized status code.
Error CodeReason
missing_api_keyThe Authorization header is missing.
invalid_api_keyThe provided key is malformed, incorrect, or belongs to a deleted project.
api_key_revokedThe key has been manually revoked in the dashboard.
For more details on error formats, see Handling Errors.