Skip to main content
API keys are how you authenticate with the public API (/v1). Each key belongs to your organization and works from any SDK or HTTP client.

Creating a key

1

Go to API Keys

Open API Keys in the sidebar.
2

Click Create key

Give it a name (like “Production” or “CI pipeline”). You can set an expiration date if you want.
3

Copy the key

You’ll see the full key once. Copy it now — it starts with sk_ and won’t be shown again.

Using a key

Put it in the Authorization header: 
Authorization: Bearer sk_live_...

curl https://api.callingbox.io/v1/calls \
  -H "Authorization: Bearer sk_live_abc123..."

Revoking a key

Hit the revoke button next to any key. It takes effect immediately — anything using that key will start failing.
You can’t un-revoke a key. If you revoke the wrong one, create a new key and update your app.
Using Python? The full setup flow — install, CALLINGBOX_API_KEY, CALLINGBOX_BASE_URL, numbers, calls, and errors — lives in the Python SDK guide.

Keeping keys safe

  • Put keys in environment variables or a secrets manager. Not in code.
  • Use different keys for production and dev.
  • Rotate periodically: create new, switch over, revoke old.
  • Set expiration dates on keys for throwaway environments.