Getting Your API Key

To use the EmailKit API, you need an API key. API keys authenticate your requests and link usage to your account's credit balance.

Creating an API Key

1. Sign in to your EmailKit dashboard

2. Click API Keys in the sidebar

3. Click Create API Key

4. Enter a name for the key (e.g., "Production", "My App", "Testing")

5. Optionally set an expiration (days) or leave blank for no expiration

6. Optionally check Test key to create a key for testing (test keys don't consume credits)

7. Click Create

8. Copy the key immediately — it starts with ek_ and is only displayed once

Important: Store your API key securely. You won't be able to view it again after creation. If you lose it, you'll need to create a new one.

Using Your API Key

Include the key in the Authorization header of every API request:

Authorization: Bearer ek_live_abc123def456...

Example with curl:

curl -X POST https://api.emailkit.dev/api/v1/verify \
  -H "Authorization: Bearer ek_live_abc123def456..." \
  -H "Content-Type: application/json" \
  -d '{"email": "check@example.com"}'

Managing API Keys

From the API Keys page, you can:

• View all keys — See the name, creation date, last used date, and status of each key

• Revoke a key — Click the delete button next to a key to permanently revoke it. This action is irreversible.

API Key Best Practices

1. Use separate keys for different environments — Create one key for development/testing and another for production

2. Never expose keys in client-side code — API keys should only be used in server-side code, never in browser JavaScript or mobile apps

3. Rotate keys periodically — Create a new key, update your application, then revoke the old key

4. Set expiration dates — For temporary integrations or contractor access, set keys to auto-expire

5. Use test keys during development — Test keys let you test your integration without consuming credits

Key Prefixes

All EmailKit API keys start with ek_ followed by additional identifiers:

• ek_live_... — Live production key (consumes credits)

• ek_test_... — Test key (does not consume credits, returns mock results)

Revoking a Key

If you suspect a key has been compromised:

1. Go to API Keys in the sidebar

2. Find the compromised key

3. Click the delete/revoke button

4. Create a new key immediately

5. Update your application with the new key

Revoking a key is instant — all requests using that key will start failing immediately with a 401 Unauthorized error.