Getting Your API Key
- Log in to your Feather Dashboard
- Navigate to Settings → API Keys
- Click Generate New Key
- Copy your API key and store it securely
API keys are only shown once during creation. Make sure to copy and store your key in a secure location immediately.
API Key Header
Include your API key in theX-API-Key
header:
Security Best Practices
Key Management Service (KMS)
For production environments, the most secure approach is to store API keys in a Key Management Service (KMS). KMS solutions provide:- Encryption at rest - Keys are encrypted when stored
- Access control - Fine-grained permissions for who can access keys
- Audit logging - Track all key access and usage
- Automatic rotation - Scheduled key rotation without code changes
- Secrets versioning - Maintain multiple versions of keys
AWS Secrets Manager
Google Cloud Secret Manager
Azure Key Vault
HashiCorp Vault
- No API keys stored in code or configuration files
- Centralized secret management across services
- Automatic encryption and decryption
- Integration with cloud IAM for access control
- Audit trails for compliance requirements
Environment Variables
For development and testing, environment variables are acceptable:Key Rotation
- Rotate your API keys regularly (recommended: every 90 days)
- Immediately rotate keys if they may have been compromised
- Use separate keys for development and production environments
Access Control
- Only give API keys to team members who need them
- Use separate keys for different applications or services
- Monitor API key usage in the dashboard
Rate Limits
Feather API has the following rate limits:- Standard Plan: 10 RPS
- Enterprise: Custom limits available
429 Too Many Requests
response.
Error Codes
Status Code | Description |
---|---|
401 | Invalid or missing API key |
403 | API key doesn’t have required permissions |
429 | Rate limit exceeded |