Skip to main content

Getting Your API Key

1

Sign in to your Dashboard

Go to verilock.io/dashboard and sign in with your account.
2

Navigate to API Keys

Open Settings > API Keys from the sidebar.
3

Create a new key

Click “Create API Key”, give it a descriptive name (e.g., Production Backend, Staging Server), and copy the generated key.
The full API key is displayed only once at creation. Store it in a secure secrets manager immediately. If lost, revoke the key and create a new one.

Key Properties

PropertyTypeDescription
namestringHuman-readable label for identification
keystringThe API key value — use in the Authorization: Bearer header
prefixstringqi_live_ for production, qi_test_ for sandbox
created_atdatetimeWhen the key was generated
last_used_atdatetimeLast time the key was used for an API call

Security Best Practices

Use environment variables

Store keys in VERILOCK_API_KEY env vars. Never hardcode them in source code.

Separate environments

Use distinct keys for development, staging, and production. Revoke keys when environments are decommissioned.

Rotate regularly

Rotate production keys quarterly. Create the new key, update your services, then revoke the old key.

Server-side only

Never include API keys in frontend code, mobile apps, or client-side JavaScript. All calls must come from your backend.

Example Configuration

VERILOCK_API_KEY=qi_live_your_api_key_here
VERILOCK_WEBHOOK_SECRET=whsec_your_webhook_secret_here