Skip to main content
All API endpoints require authentication via a Bearer token in the Authorization header.

Getting an API Key

  1. Log in to your AppKittie dashboard
  2. Navigate to Settings → API Keys
  3. Click Create API Key and provide a descriptive name
  4. Copy the key immediately — it is only shown once
API keys are tied to your team. All team members with admin access can create and manage keys. Never share API keys publicly or commit them to version control.

Using Your API Key

Include the key in the Authorization header with the Bearer prefix: 
curl -X GET "https://appkittie.com/api/v1/apps?limit=10" \
  -H "Authorization: Bearer ak_live_abc123..."

Authentication Errors

StatusErrorDescription
401Invalid or missing API keyThe Authorization header is missing, malformed, or contains a revoked/invalid key
{
  "error": "Invalid or missing API key"
}

Key Management

You can manage your API keys from the dashboard:
  • Create — Generate new keys with descriptive names
  • Revoke — Disable a key immediately (requests using it will return 401)
  • Delete — Permanently remove a revoked key
Use separate API keys for different environments (development, staging, production) so you can revoke one without affecting others.

Security Best Practices

Store your API key in environment variables, not in source code:
export APPKITTIE_API_KEY="ak_live_abc123..."

import os
api_key = os.environ["APPKITTIE_API_KEY"]
API keys should only be used server-side. Never include them in browser JavaScript, mobile apps, or any code that ships to end users.
Create a new key, update your applications, then revoke the old key. This limits the blast radius if a key is compromised.