WarpLink

Authentication

Create and manage WarpLink API keys, understand the key format, and follow security best practices for authenticating API requests.

All WarpLink API requests require authentication via Bearer token.

API Key Format

EnvironmentPrefixExample
Productionwl_live_wl_live_abc123def456ghi789
Testwl_test_wl_test_abc123def456ghi789

Creating API Keys

  1. Log in to the WarpLink dashboard
  2. Go to Settings > API Keys
  3. Click Create API Key
  4. Choose a name and select the required scopes
  5. Copy the key immediately — it's only shown once

Or create keys via the API:

curl -X POST https://api.warplink.app/v1/keys \
  -H "Authorization: Bearer wl_live_YOUR_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "CI/CD Key",
    "scopes": ["links:read", "links:write"]
  }'

Using API Keys

Include the key in the Authorization header:

curl -H "Authorization: Bearer wl_live_YOUR_KEY" \
  https://api.warplink.app/v1/links

Scopes

ScopeAccess
links:readRead link data
links:writeCreate, update, delete links
apps:readRead app configuration
apps:writeCreate, update, delete apps
analytics:readRead click analytics

Requesting links:write automatically includes links:read.

Attribution match requests use a separate SDK key with fixed scopes — see Attribution.

Security Best Practices

  • Never commit API keys to source control
  • Use environment variables to store keys
  • Create separate keys for different environments (production, staging, CI)
  • Set expiration dates on keys that don't need permanent access
  • Use the minimum scopes required for each key
  • Rotate keys periodically and after team member departures

Quickstart

Create a WarpLink account, register your app, and get your first deep link working in under 30 minutes. Step by step.

Rate Limiting

How WarpLink API rate limiting works, the per-minute request limits, response headers, and best practices for staying within them.

On this page

API Key FormatCreating API KeysUsing API KeysScopesSecurity Best Practices