← Back to Documentation

Server-Side API Keys

Understanding authentication and secure API key usage.

Start API Access — $49/mo

Bearer Token Authentication

AXIMUR uses Bearer token authentication. Include your API key in the Authorization header:

Authorization: Bearer YOUR_API_KEY
Security Warning: API keys must be kept server-side only.

Server-Side Only

API keys must never be exposed in:

Secure Storage

Store API keys securely using:

API Key Delivery

After purchase, API keys are delivered via email to the address used during checkout. This is a manual delivery process within 24 hours of purchase.

Important: There is no self-serve API key portal. Keys are delivered manually to prevent abuse and ensure proper onboarding.

Best Practices

Example: Environment Variables

# .env file (never commit this)
AXIMUR_API_KEY=sk_live_abc123...

# In your application
import os
api_key = os.environ['AXIMUR_API_KEY']

Example: Secrets Manager

# Using AWS Secrets Manager (pseudo-code)
secret = get_secret('aximur-api-key')
api_key = secret['api_key']

What Happens If My Key Is Exposed?

If your API key is accidentally exposed in logs, code, or repositories:

  1. Contact support immediately at contact@aximur.com
  2. Request key revocation and replacement
  3. Review API usage for unauthorized activity
  4. Rotate any other keys that may have been exposed

Learn More

Start API Access — $49/mo
← Back to Documentation