Keys don't expire automatically. We recommend rotating them every 90 days as a security best practice.

API & Developers·3 min read·Updated 1 April 2026

API Authentication

Q: How many API keys can I have?

Up to 10 active API keys per account on the Business plan.

How to authenticate with the AskBiz API using Bearer tokens. Generating your API key, token security, and rotating credentials.

Generating Your API Key

1. Go to Account Settings → Developer → API Keys

2. Click Generate New Key

3. Give the key a descriptive name (e.g. 'Slack Bot', 'Internal Dashboard')

4. Copy the key immediately — it's shown in full only once

5. Store it securely (environment variable, secrets manager — never in source code)

Using the Token

Include your API key in the Authorization header of every request:

```

Authorization: Bearer your-api-key-here

```

Example curl request:

```

curl https://api.askbiz.co/v1/pulse \

-H 'Authorization: Bearer your-api-key-here'

```

Key Security Best Practices

Never commit API keys to Git — use environment variables
Use one key per integration — makes it easy to revoke a single integration without affecting others
Rotate keys every 90 days — generate a new key, update your integration, then revoke the old one
Monitor usage — the Developer page shows request volume per key; unusual spikes may indicate a leaked key

Revoking a Key

If a key is compromised or no longer needed, go to Account Settings → Developer → API Keys and click Revoke next to the key. Revocation is immediate — all requests using that key will return 401 Unauthorized.

Frequently Asked Questions

How many API keys can I have?

Do API keys expire?

Was this article helpful?

👍 Yes 👎 No

Still stuck? Email our support team.

Generating Your API Key

Using the Token

Key Security Best Practices

Revoking a Key

Frequently Asked Questions

Related Articles