Authentication

All API requests require authentication using an API key. This section explains how to obtain and use your API key.

Obtaining an API Key

1. Log in to your dashboard at https://kixon.app.com
2. Open the sidebar and navigate to API Keys
3. Click Generate New API Key
4. Copy and securely store your API key

Important: API keys are shown only once. Store them securely and never expose them in client-side code.

Using Your API Key

Include your API key in the Authorization header of every request:

Authorization: Bearer YOUR_API_KEY

Example Request

curl -X POST https://kixon.app/api/send-sms \
  -H "Authorization: Bearer sk_live_abc123xyz789" \
  -H "Content-Type: application/json" \
  -d '{"senderId": "MyBrand", "phone": "233200000000", "message": "Hello"}'

Authentication Errors

Invalid API Key

If the API key is invalid or malformed:

HTTP/1.1 401 Unauthorized

{
  "success": false,
  "error": "Invalid API key"
}

Expired API Key

If the API key has expired:

HTTP/1.1 401 Unauthorized

{
  "success": false,
  "error": "API key has expired. Please generate a new key from your dashboard."
}

Missing API Key

If no API key is provided:

HTTP/1.1 401 Unauthorized

{
  "success": false,
  "error": "Authorization header is required"
}

Security Best Practices

• Never expose API keys in client-side JavaScript or mobile apps
• Use environment variables to store API keys in your applications
• Rotate keys regularly and revoke unused keys
• Use different keys for development and production environments