Authentication
API key creation, formats, and security best practices.
All WarpLink API requests require authentication via Bearer token.
API Key Format
| Environment | Prefix | Example |
|---|---|---|
| Production | wl_live_ | wl_live_abc123def456ghi789 |
| Test | wl_test_ | wl_test_abc123def456ghi789 |
Creating API Keys
- Log in to the WarpLink dashboard
- Go to Settings > API Keys
- Click Create API Key
- Choose a name and select the required scopes
- Copy the key immediately — it's only shown once
Or create keys via the API:
curl -X POST https://api.warplink.app/v1/keys \
-H "Authorization: Bearer wl_live_YOUR_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "CI/CD Key",
"scopes": ["links:read", "links:write"]
}'Using API Keys
Include the key in the Authorization header:
curl -H "Authorization: Bearer wl_live_YOUR_KEY" \
https://api.warplink.app/v1/linksScopes
| Scope | Access |
|---|---|
links:read | Read link data |
links:write | Create, update, delete links |
apps:read | Read app configuration |
apps:write | Create, update, delete apps |
analytics:read | Read click analytics |
attribution:write | Submit attribution match requests |
Requesting links:write automatically includes links:read.
Security Best Practices
- Never commit API keys to source control
- Use environment variables to store keys
- Create separate keys for different environments (production, staging, CI)
- Set expiration dates on keys that don't need permanent access
- Use the minimum scopes required for each key
- Rotate keys periodically and after team member departures