Skip to main content

Overview

Your API key is a unique identifier that authenticates your requests to the PingPilot API. Every user automatically receives a unique API key upon registration, which is used to send events to your notification channels.
Keep your API key secure! Anyone with your API key can send events to your notification channels and consume your quota.

Finding Your API Key

You can find your API key in the dashboard:
1

Navigate to API Key Settings

Go to Dashboard > API Key in the sidebar
2

View Your Key

Your API key will be displayed on the page. Click the copy button to copy it to your clipboard.

Using Your API Key

Your API key is used to authenticate requests to the PingPilot event API. Include it in the Authorization header as a Bearer token: 
curl -X POST https://pingpilot.com/api/v1/event \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "category": "bug",
    "description": "Critical error in payment processor",
    "fields": {
      "severity": "high",
      "user_id": "12345"
    }
  }'

Authentication Format

The API expects the Authorization header in this exact format: 
Authorization: Bearer [YOUR_API_KEY]
The word “Bearer” must be followed by a space, then your API key. Incorrect formatting will result in a 401 Unauthorized error.

Authentication Errors

Missing Authorization Header

{
  "message": "Unauthorized"
}
Status: 401 Unauthorized Solution: Include the Authorization header in your request.

Invalid Header Format

{
  "message": "Invalid auth header format. Expected: 'Bearer [API_KEY]'"
}
Status: 401 Unauthorized Solution: Ensure your header starts with “Bearer ” followed by your API key.

Invalid API Key

{
  "message": "Invalid API key"
}
Status: 401 Unauthorized Solution: Verify your API key is correct. You may need to regenerate it if it has been compromised.

API Key Security Best Practices

Never hardcode your API key in your source code. Use environment variables instead:
# .env file
PINGPILOT_API_KEY=your_api_key_here

// In your code
const apiKey = process.env.PINGPILOT_API_KEY
Add your environment files to .gitignore to prevent accidentally committing your API key:
# .gitignore
.env
.env.local
.env.production
Create separate PingPilot accounts for development, staging, and production environments. This way, if a development key is compromised, your production notifications remain secure.
Consider regenerating your API key periodically or immediately if you suspect it has been compromised.

API Key Properties

Each API key in PingPilot:
  • Is unique to your user account
  • Is automatically generated when you create your account
  • Is stored securely in the database
  • Never expires (unless regenerated)
  • Has no rate limiting beyond your plan’s quota

Database Storage

API keys are stored in the User model: 
model User {
  id     String @id @default(cuid())
  email  String @unique
  apiKey String @unique @default(cuid())
  // ... other fields
}
The API key is:
  • Generated using cuid() for uniqueness
  • Indexed for fast lookups
  • Unique across all users

Regenerating Your API Key

Regenerating your API key will immediately invalidate the old key. Any applications using the old key will stop working until you update them with the new key.
To regenerate your API key:
1

Go to API Key Settings

Navigate to Dashboard > API Key
2

Click Regenerate

Click the “Regenerate API Key” button
3

Confirm the Action

Confirm that you want to regenerate your key
4

Update Your Applications

Copy the new API key and update all applications that use the PingPilot API

Testing Your API Key

You can quickly test if your API key is working by sending a test event: 
curl -X POST https://pingpilot.com/api/v1/event \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "category": "test",
    "description": "Testing API key"
  }'
If successful, you’ll receive: 
{
  "message": "Event processed successfully",
  "eventId": "clxxx..."
}

Next Steps

Sending Events

Learn how to send events using your API key

Creating Categories

Set up event categories for better organization

Build docs developers (and LLMs) love

Get started for freeTalk to us