JavaScript Required: This application requires JavaScript to function. Please enable JavaScript in your browser settings.

Authentication

Learn how to authenticate your API requests to VendorTruth.

API Keys

Creating API Keys

Navigate to Portal Settings
Click "API Keys" tab
Click "Generate New API Key"
Copy and securely store the key

Using API Keys

Include your API key in the Authorization header:

curl -H "Authorization: Bearer vt_live_abc123..." \
  https://api.vendortruth.org/v1/vendors

Security Best Practices

Key Storage

Never commit API keys to version control. Use environment variables:

# .env file (add to .gitignore)
VENDORTRUTH_API_KEY=vt_live_abc123...

Key Rotation

Rotate API keys regularly (recommended: every 90 days).

Key Scopes

Limit API key permissions to required operations:

vendors:read - Read vendor data
reports:read - Read truth reports
reports:write - Generate new reports
alerts:read - Read alerts
alerts:write - Create/update alerts

Rate Limiting

API keys are rate-limited based on your plan. When rate limited, you'll receive a 429 Too Many Requests response.

Next Steps

API Overview - Learn about available endpoints
Code Examples - Sample implementations