DBindly Docs
API Reference

API Keys

Overview

API keys authenticate requests to your collections. Each key can be configured with:

  • Type - Live (production) or Test (development)
  • Domain Whitelist - Restrict which domains can use the key
  • Rate Limit - Maximum requests per minute

Key Types

Live Keys

Use live keys (pk_live_*) for production websites:

  • Access production data
  • Strict domain validation
  • Usage tracked for billing

Test Keys

Use test keys (pk_test_*) for development:

  • Access same data as live keys
  • Relaxed domain validation (localhost allowed)
  • Useful for local development

Creating API Keys

  1. Go to your Dashboard
  2. Navigate to API Keys
  3. Click Create API Key
  4. Configure:
    • Name - Descriptive name (e.g., "Production Website")
    • Type - Live or Test
    • Allowed Domains - Comma-separated list
    • Rate Limit - Requests per minute

Domain Whitelisting

Specify which domains can use each API key:

dbindly.com
www.dbindly.com
app.dbindly.com

Wildcard Patterns

You can use wildcards for subdomains:

*.dbindly.com

Development Domains

For test keys, these are automatically allowed:

  • localhost
  • 127.0.0.1
  • *.local

Rate Limits

Configure how many requests each key can make per minute:

PlanDefault LimitMax Limit
Free100/min100/min
Pro1,000/min10,000/min
Enterprise10,000/min100,000/min

Handling Rate Limits

When rate limited, the API returns:

{
  "error": "Too Many Requests",
  "message": "Rate limit exceeded. Try again in 60 seconds."
}

DBindly automatically retries with exponential backoff.

Security Best Practices

Keep Keys Secret

  • Never commit API keys to version control
  • Use environment variables in build tools
  • Don't expose keys in client-side code (use DBindly instead)

Use Domain Restrictions

  • Always specify allowed domains for live keys
  • Use specific domains, not wildcards in production

Rotate Keys Regularly

  • Create new keys periodically
  • Delete old keys after transitioning

Monitor Usage

  • Check the dashboard for unusual activity
  • Set up alerts for rate limit warnings

Using API Keys

With DBindly

DBindly.init({
  apiUrl: 'https://dbindly.com/api',
  apiKey: 'pk_live_your_key'
});

Direct API Calls

curl -H "X-API-Key: pk_live_your_key" \
  https://dbindly.com/api/public/data/your-data-id

In Environment Variables

# .env
DBINDLY_API_KEY=pk_live_your_key

Managing Keys

View All Keys

Go to DashboardAPI Keys to see all your keys with:

  • Key name and type
  • Masked key value
  • Created date
  • Last used date
  • Request count

Copy Key

Click the copy button to copy the full key value. Keys are only shown in full once when created.

Delete Key

  1. Find the key in the list
  2. Click the delete button
  3. Confirm deletion

Deleted keys are immediately invalidated.

Troubleshooting

"Invalid API key"

  • Check the key is copied correctly
  • Verify the key hasn't been deleted
  • Ensure you're using the right environment (live vs test)

"Domain not allowed"

  • Add your domain to the key's whitelist
  • Check for typos in domain names
  • Remember to include both root and www versions

"Rate limit exceeded"

  • Wait for the reset period
  • Reduce request frequency
  • Upgrade your plan for higher limits
  • Enable caching in DBindly

Next Steps

API Endpoints

Previous Page

E-commerce Catalog

Next Page

On this page

OverviewKey TypesLive KeysTest KeysCreating API KeysDomain WhitelistingWildcard PatternsDevelopment DomainsRate LimitsHandling Rate LimitsSecurity Best PracticesKeep Keys SecretUse Domain RestrictionsRotate Keys RegularlyMonitor UsageUsing API KeysWith DBindlyDirect API CallsIn Environment VariablesManaging KeysView All KeysCopy KeyDelete KeyTroubleshooting"Invalid API key""Domain not allowed""Rate limit exceeded"Next Steps