Security
Authentication
Learn how to authenticate your API requests securely. All API requests require authentication using API keys or bearer tokens.
Authentication Methods
Recommended
API Key Authentication
Use API keys for server-to-server communication. This is the recommended method for most use cases.
Bearer Token
Short-lived tokens for authenticated user sessions. Ideal for client-side applications.
API Key Format
API keys follow a specific format to help you identify their purpose:
ek_live_xxxxxProduction API keyek_test_xxxxxTest/Sandbox API keyMaking Authenticated Requests
curl -X POST "https://es.ekddigital.com/v1/emails" \
-H "Authorization: Bearer ek_live_xxxxxxxxxxxxx" \
-H "Content-Type: application/json" \
-d '{
"to": "user@example.com",
"subject": "Hello",
"html": "<p>Hello World</p>"
}'Security Best Practices
Never expose API keys in client-side code
Always keep your API keys on the server side.
Rotate keys regularly
Regenerate API keys periodically for enhanced security.
Use environment variables
Store API keys in environment variables, not in code.