Guides
Authentication
ReqKey uses one credential: your project’s root key, sent as a Bearer token. You get it from the dashboard when you create a project.
Base URL
All requests go to https://api.reqkey.com. Every endpoint except GET /health is a POST that accepts (and returns) JSON. Traffic is served from multiple AWS regions and routed to the nearest one automatically.
Bearer root key
Your rootKey authenticates every call — APIs, plans, consumers, keys, validation, credits, analytics, and ingestion. To get it, create a project in the dashboard, open the project’s Settings, and copy the root_key (it starts with reqkey_). Then send it in the Authorization header:
Authorization: Bearer <rootKey>Terminal
curl -X POST "https://api.reqkey.com/consumer/create" \
-H "Authorization: Bearer reqkey_xxx..." \
-H "Content-Type: application/json" \
-d '{"name": "Acme Corp"}'Projects are created in the dashboard
There’s no API endpoint for creating or listing projects right now — both live in the dashboard. Everything under a project (APIs, plans, consumers, keys) is managed through the API with the root key.
Treat the root key like a password
The rootKey can create and delete every resource in the project. Keep it server-side. If it leaks, rotate it instantly with
/project/rootkey-reroll — existing API keys keep working, only project auth changes.Verify connectivity
GET /health needs no auth and is the fastest way to confirm you can reach ReqKey:
Terminal
curl "https://api.reqkey.com/health"
# → { "status": "healthy", "timestamp": "2026-01-30T12:34:56Z" }