| title | Authentication | |||
|---|---|---|---|---|
| description | API authentication and security | |||
| category | api-reference | |||
| order | 2 | |||
| lastUpdated | 2025-01-10 | |||
| tags |
|
RepoRadar API uses API keys for authentication.
- Sign in to RepoRadar
- Navigate to Settings > API Keys
- Click "Generate New API Key"
- Copy and securely store your key
Include your API key in the Authorization header:
curl https://api.reporadar.com/v1/analyze \
-H "Authorization: Bearer YOUR_API_KEY"- Never commit API keys to version control
- Use environment variables
- Rotate keys regularly
- Revoke compromised keys immediately
All API requests must use HTTPS. HTTP requests will be rejected.
API keys are subject to rate limits based on your subscription tier:
| Tier | Requests/Hour | Requests/Day |
|---|---|---|
| Free | 10 | 100 |
| Pro | 100 | 1,000 |
| Enterprise | 1,000 | 10,000 |
Enterprise customers can restrict API key usage to specific IP addresses.
{
"error": "Invalid or missing API key",
"code": "UNAUTHORIZED"
}Solution: Check that your API key is correct and included in the Authorization header.
{
"error": "API key does not have permission for this resource",
"code": "FORBIDDEN"
}Solution: Upgrade your plan or check your API key permissions.
{
"error": "Rate limit exceeded",
"code": "RATE_LIMIT_EXCEEDED",
"retryAfter": 3600
}Solution: Wait for the specified time or upgrade your plan.
View all your API keys in Settings > API Keys.
- Navigate to Settings > API Keys
- Click "Revoke" next to the key
- Confirm revocation
Revoked keys are immediately invalidated.
Best practice: Rotate keys every 90 days:
- Generate a new key
- Update your applications
- Revoke the old key
- Explore Repository Endpoints
- Learn about Analytics Endpoints
- Check Rate Limiting