Developer essentials
API keys
Create, restrict, rotate, and revoke Beladed credentials safely.
Environment isolation
Development and production keys are isolated. Use api.beladed.dev with development credentials and api.beladed.com with production credentials.
Create a key
Sign in to Beladed, open Settings → Developer → API keys, choose only the products and permissions your integration needs, and save the raw secret exactly once in a secrets manager.
Restrict publishable-key origins
List every approved HTTPS origin explicitly. Avoid wildcard origins. Browser extensions should register the exact extension origins used by released builds.
Rotate and revoke
Create a replacement, deploy it, verify traffic, then revoke the old key. Never paste live keys into support messages, source control, screenshots, or documentation examples.