The Vivamo API uses API keys to authenticate requests.
Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.
All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.
You will be supplied with two API keys:
Publishable Key:
This is for frontend client use and is prefixed with pk_env_...
For example:
const vivamo = Vivamo("pk_test_O50...uM8pT3");
Private/Secret Key:
This a backend-only Bearer token and should be stored in a highly secure way.
An Authorization header should be included in all backend API requests.
For example:
fetch("<https://api.test.vivamo.co/v1/><endpoint>", {
method: "POST",
headers: {
"Authorization": `Bearer ${config.get("VIVAMO_API_TOKEN")}`,
"Content-Type": "application/json",
},
body: JSON.stringify({}),
})