Security & Authentication

RevOps authenticates requests by using the API keys associated with your account. API keys for both revops-js and the RevOps platform can be viewed and managed through the API Keys page.

RevOps accounts are configured with a primary live environment and secondary sandbox environment for testing new configurations. Sandbox environment API keys are prefixed with pk_sandbox or sk_sandbox; Live enviroment API keys are prefixed with pk_live or sk_live.

API Key Accessibility

Type Prefix
Public Key pk
Secret Key sk

Note: Sandbox and Live APIs use different sets of keys to ensure data isolation.

Requests to RevOps are authenticated using the standard HTTP Authorization: Bearer header. Any request that does not include a valid API key will return a 401 Unauthorized error.

All API requests should be made over HTTPS to keep API keys secure during transit.


This example uses curl with a sandbox secret key to send RevOps a new usage event:

$> curl -X POST \
        -H 'Authorization: Bearer sk_sandbox_<api_key>' \
        -H 'Content-type: application/json' \
        --data \
   "event_metrics" : [
         "account_id" : "customer-account-id",
         "metadata" : {},
         "product" : "My Awesome Product",
         "metric_name" : "operation-in",
         "metric_value" : 1000,
         "metric_resolution" : "hour"
   "mode" : "insert",
   "transaction_id" : "user-driven unique identifier"