Avocazo Docs

Authentication

All API requests in Avocazo require authentication via an API Key. This key is generated automatically when a client registers and is accessible in the API Keys section of the dashboard under the Free Plan. The same API Key must be used for both the Generate API and the Track API.

To authenticate a request, include the API Key in the request header with the key X-API-KEY. For example:

GET /api/track/doc_123456 HTTP/1.1
Host: avocazo.com
X-API-KEY: YOUR_API_KEY

API Keys can be revoked and regenerated from the dashboard in case of suspicious activity. It is recommended to treat your API Key as a secret and avoid sharing it publicly. Any request without a valid API Key will be rejected with an authentication error.

Best Practices

1. Keep your API Key secure and do not expose it in client-side code.
2. Regenerate your API Key immediately if you suspect it has been compromised.
3. Use separate keys for different applications or environments to improve security and manageability.
4. Always include the API Key in the X-API-KEY header for every request to avoid authentication errors.