Authentication
The Voicy API uses API keys for authentication. All requests must include your API key in theAuthorization header.
API Key Format
Voicy API keys follow this format:voicy_sk_live_- Prefix identifying this as a Voicy secret keyxxxx...- 28 characters of cryptographically random data
Using Your API Key
Include the API key as a Bearer token in theAuthorization header:
Creating API Keys
1
Log in to the Dashboard
Go to app.voicy.co and sign in with your account.
2
Navigate to Account Settings
Click on Account in the sidebar (for account admins) or go to Accounts and select your account (for global admins).
3
Create a New Key
Click Create Key and give it a descriptive name (e.g., “Production”, “Development”).
4
Copy Your Key
The full API key will only be shown once. Copy it immediately and store it securely.
API keys are scoped to your account. All calls made with a key will only access data within that account.
Key Security
Storage Best Practices
| Do | Don’t |
|---|---|
| Store in environment variables | Commit to git repositories |
| Use secrets management (AWS Secrets Manager, etc.) | Hardcode in application code |
| Rotate keys periodically | Share keys between environments |
| Use separate keys for dev/staging/prod | Log full API keys |
How Keys Are Stored
Your API keys are stored securely using industry-standard practices:- Never stored in plaintext - We only store a SHA-256 hash
- Prefix stored separately - Enables fast O(1) lookup
- Same pattern as Stripe, GitHub, OpenAI
Revoking Keys
If a key is compromised:- Go to Account Settings in the dashboard
- Find the compromised key in the list
- Click the menu (⋮) and select Revoke
- The key is immediately invalidated
401 Unauthorized on all subsequent requests.
Rate Limits
API keys are subject to rate limits based on your plan:| Plan | Requests/minute | Concurrent calls |
|---|---|---|
| Standard | 60 | 10 |
| Enterprise | 600 | 100 |