Skip to main content
The BaClique API uses API keys to authenticate requests. Each key is tied to your account and has full access to your data.

API Key Format

sk_live_example123456789
  • sk_ = Secret Key prefix
  • live_ = Live mode (production)
  • Followed by 32+ random characters

Using Your API Key

Include your key in the Authorization header: 
curl https://api.baclique.com/v1/campaigns \
  -H "Authorization: Bearer sk_live_YOUR_API_KEY"

Security Best Practices

  1. Never commit API keys to version control
  2. Use environment variables to store keys
  3. Rotate keys regularly if you suspect a leak
  4. Use different keys for development and production
  5. Limit exposure - only your backend should use the API key

Environment Variable Example

# .env file (never commit this!)
BACLIQUE_API_KEY=sk_live_your_key_here

// Node.js
const apiKey = process.env.BACLIQUE_API_KEY;

fetch('https://api.baclique.com/v1/campaigns', {
  headers: {
    'Authorization': `Bearer ${apiKey}`
  }
});

Rate Limiting

  • 100 requests per minute per API key
  • Rate limit headers are included in responses:
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1705765200
When exceeded: 
{
  "error": "Rate limit exceeded. 100 requests per minute."
}

Errors

StatusErrorSolution
401Invalid or missing API keyCheck your Authorization header
403PRO plan requiredUpgrade your subscription
429Rate limit exceededWait and retry with backoff