Authentication
Authenticate your API requests using API keys.
API Keys
Every request to the YourSend API must include a valid API key. You can create and manage API keys from the Dashboard → API Keys page.
API keys are prefixed with ys_live_ for production and ys_test_ for sandbox environments.
Authentication Header
Include your API key in the Authorization header as a Bearer token:
curl -X POST https://api.yoursend.dev/v1/send \
-H "Authorization: Bearer ys_live_abc123..." \
-H "Content-Type: application/json" \
-d '{ "channel": "email", "to": "user@example.com", "subject": "Hello" }'With the SDK, pass the key when initializing:
index.ts
import { YourSend } from 'yoursend';
const ys = new YourSend(process.env.YOURSEND_API_KEY!);Key Types
| Prefix | Environment | Description |
|---|---|---|
| ys_live_ | Production | Sends real messages. Use in production. |
| ys_test_ | Sandbox | For development. Messages are logged but not delivered. |
Security Best Practices
- Never expose API keys in client-side code. Always call the API from your backend.
- Store keys in environment variables, not in source code.
- Rotate keys periodically from the dashboard.
- Use separate keys for development and production.
- Revoke keys immediately if compromised.