Authentication
How to authenticate your API requests
API Key Authentication
All RAIL API requests require an API key in the Authorization header:
Authorization: Bearer YOUR_API_KEYSecurity Best Practices
- •Never expose API keys in client-side code - Always call from your backend
- •Use environment variables - Store keys in .env files, never hardcode
- •Add .env to .gitignore - Never commit API keys to version control
- •Revoke compromised keys immediately - Generate new keys if exposed
Environment Variables
Python
# .env file
RAIL_API_KEY=your_api_key_here
# In your code
from dotenv import load_dotenv
import os
load_dotenv()
api_key = os.getenv("RAIL_API_KEY")Node.js
// .env file
RAIL_API_KEY=your_api_key_here
// In your code
require('dotenv').config();
const apiKey = process.env.RAIL_API_KEY;Error Responses
| Status | Error | Solution |
|---|---|---|
401 | Missing API key | Include Authorization header |
401 | Invalid API key | Check key validity |
403 | Revoked API key | Generate a new key |