Skip to content

API keys

Introduction

Gainly authenticates your API requests using your account's API keys. Each API request must include a valid API key.

If your API request doesn't include a valid API key, Gainly will return a 401 Unauthorized error.

Steps to access your API keys

Prerequisites

You're logged in to your Gainly Dashboard.

  1. Click API Keys in the left sidebar.

  2. You'll see your API keys under the API Keys section of the page.

  3. There are two types of API keys - these correspond to the Test and Live modes:

    1. Test API key
    2. Live API key

    Security

    Please make sure to copy and save your API keys in a secure location.

    Live API Keys:

    • Only users with the Admin role can access live API keys.

    • A live API key will be revealed only once. If you lose it, please delete it and create a new one.

Test vs. Live modes

You can send API requests to Gainly in either test mode or live mode. Data in one mode isn't accessible to the other mode.

The mode of an API request is decided by the API key you use to authenticate that API request. Using the test API key will make that API request work in test mode, and using the live API key will make that API request work in live mode.

Costs

💸 Please note that both modes incur the same API costs, i.e. the test mode is not free.

Test mode

Use the test mode (and the test API key) as you build your search integration. Use it to create and search test data. This data won't be accessible in the live mode.

Testing and development

Use only the test mode API key for your testing and development. This will prevent you from accidentally modifying your live customer data.

Live mode

Use the live mode (and the live API key) when you're ready to launch your search integration to your customers/users. Use it to create and search live customer data. This data won't be accessible in the test mode.

Keeping your API keys safe

Your API keys unlock access to all of your data in Gainly.

IMPORTANT

Anyone with access to your live API key can make any API call on the live customer data in your Gainly account.

As a result, it's critically important that you keep your live API key 100% safe.

Best practices to keep your API keys safe:

  • Only share the keys with those who have a need to know.
  • Do not commit the keys into Git or other version control systems.
  • Do not include the keys in client-side code (such as Javascript SPA or mobile apps).
  • Store the keys in a secret management service or password manager.

Managing your API keys

Please see Managing API Keys page for details on managing your API keys.