Authentication
API Keys
All API requests are authenticated with an API key.
http
Authorization: Bearer YOUR_API_KEYGetting Your API Key
- Sign in at piifirewall.com/app
- Go to Settings → API Keys
- Click Generate New Key
- Copy the key — it is shown only once
Key Security
- Never commit API keys to source control
- Use environment variables:
PII_FIREWALL_API_KEY - Rotate keys immediately if compromised (Settings → Revoke)
.env Example
bash
# .env
PII_FIREWALL_API_KEY=pfk_live_xxxxxxxxxxxxxxxxtypescript
import { PIIFirewall } from 'pii-firewall-sdk'
const firewall = new PIIFirewall({
apiKey: process.env.PII_FIREWALL_API_KEY!,
})Key Scopes
| Scope | Description |
|---|---|
read | detect, credits check |
write | mask, restore, all operations |
admin | manage keys, view usage logs |
Default keys have write scope. Restrict scope for read-only integrations.
Rotating Keys
To rotate a key without downtime:
- Generate a new key in the dashboard
- Update your environment variable
- Redeploy your service
- Revoke the old key
IP Allowlisting (Enterprise)
Enterprise plans can restrict API key usage to specific IP ranges. Contact enterprise@piifirewall.com.