API Keys
Authenticate your applications with API keys.
Generating Keys
- Go to your project's Settings
- Click Generate New Key
- Copy the key immediately (it's only shown once)
Using API Keys
Include the key in the Authorization header:
Authorization: Bearer baas_abc123...Or as a query parameter:
GET /api/v1/projects/{projectId}/data/users?apiKey=baas_abc123...Key Types
| Type | Use Case | Permissions |
|---|---|---|
| Anon | Client-side apps | Limited by security rules |
| Service | Server-side apps | Full access (bypasses rules) |
Best Practices
- Never expose service keys in client-side code
- Use environment variables for keys
- Rotate keys periodically
- Revoke unused keys