API Key
An API key identifies the developer account making a request to GVR developer APIs.
Manage your key
Create, view, rotate, or delete your API key from the GVR application. The docs only cover how to use the key once it is available in your account.
Use a key
Send your key to developer endpoints with the apiKey request header:
apiKey: YOUR_API_KEY
For JSON requests, include the normal JSON content type as well:
Content-Type: application/json
apiKey: YOUR_API_KEY
For file uploads, send the key with the multipart form request.
Key lifecycle
If a key is rotated or deleted in the GVR application, requests using the old key will fail with:
{
"error": "Invalid API key"
}
Security notes
- Store keys in server-side environment variables.
- Do not commit keys to a repository.
- Do not expose keys in public frontend bundles.
- Rotate keys from the GVR application if a key is shared accidentally.