Authorization
header as a Bearer token:
Getting a key
You can obtain keys in two ways:- Dashboard — create and manage keys from your NestAPI account.
- API — if you hold an Admin-class key, manage keys programmatically via the account endpoints.
Sign up for a trial
New to NestAPI? Start a trial to get a key.
Making an authenticated request
GET /auth/validate confirms the key is active and returns basic identity info
(Valid, UserId) — a quick way to check a key works.
Verifying a key
Two account endpoints help you check a key’s state:| Endpoint | Purpose |
|---|---|
GET /auth/validate | Confirms the key is active and returns basic identity info. |
GET /apiKey/validUntil | Returns the key’s expiry date (or 31/12/9999 if it never expires). |
Key classes
| Class | Can do |
|---|---|
| Usage | Submit nesting and importer requests. The default. |
| Admin | Everything a Usage key can, plus manage browser origins and fairness settings. |
Security
- Rotate keys periodically, and set an expiry for time-boxed integrations.
- Disable a compromised key immediately.