SwellSignSwellSign

Authentication

Secure API key authentication. Generate, manage, and protect your credentials with enterprise-grade security.

Overview

Authenticate your API requests using API Key Authentication via headers.

Http
Authorization: x-api-key YOUR_API_KEY_HERE

Authentication Setup Demo

app.swellsign.com/admin/settings/api-keys

Integration Settings

Manage your webhooks and API keys for seamless integration.

API Keys

Manage API keys for programmatic access to your account.

No API keys generated

Create your first API key to start integrating with our platform.

Getting Started

1

Access Settings

Navigate to Integration Settings in your Developer Dashboard.

Location

Dashboard → Settings → Integration

2

Generate Key

Create a new API key with a name and expiration period.

Key Name

e.g., "Production Server"

Expiration

30, 60, or 90 days

3

Implement

Add the Authorization header to your API requests.

Header Format

Authorization: x-api-key YOUR_KEY

API Keys

  • Generate new API keys
  • Manage existing credentials
  • Monitor key usage and status
  • Configure expiration

Webhooks

  • Set up webhook endpoints
  • Configure event notifications
  • Test webhook connections
  • Monitor webhook activity

Key Configuration

API Key Name

Choose a descriptive name (e.g., "Production Server", "Mobile App", "Development Testing").

Expiration Period

Set expiration: 30, 60, 90 days or custom duration.

!
Who generates the key matters

API keys are tied to the organization — all keys have same capabilities regardless of user role. Certain actions are exclusive to Org Admins — superusers with full access to the organization.

To ensure the API key has required permissions, make sure it's generated by a user with the appropriate level of access.

Key Management

Monitoring

View Key Status

Track key status and expiration dates

Usage Statistics

Monitor API calls and activity

Expiration Alerts

Receive notifications before keys expire

Activity Logs

Complete audit trail of key usage

Security

Instant Revocation

Immediately revoke compromised keys

Automatic Masking

Keys are masked in the dashboard

Access Control

Role-based permission management

Audit Logging

Track all key modifications

Usage Example

Add this header to every API request:

Http
Authorization: x-api-key 3039ba033eb1410caa0a2227158d63c9d6502cd8

Authentication Requirements

  • Include the Authorization header in every request
  • Format: Authorization: x-api-key [your_key]
  • Ensure your API key is not expired
  • Use HTTPS to protect your key
Previous
Get Started
Next
Postman Collection