Authentication

All Vault4x API requests must be authenticated using your API key. This section covers how to properly authenticate your requests.

Authentication Methods

SDK Authentication

When using the JavaScript SDK, pass your API key during initialization:

javascript

const vault4x = new Vault4x("vk4x_your_api_key_here");

API Authentication

For direct API calls, include your API key in the request headers:

bash

curl -X POST https://api.vault4x.com/v1/token \
  -H "x-api-key: vk4x_your_api_key_here" \
  -H "Content-Type: application/json" \
  -d '{"number":"4242424242424242",...}'

Security Best Practices

Key Rotation

Regularly rotate your API keys:

Generate a new API key in the dashboard
Update your application configuration
Test the new key
Revoke the old key

IP Restrictions

Configure IP restrictions in your dashboard to limit API key usage to specific servers when using the API.

Domain restrictions

Add domain restrictions when using the payment form instead of the IP restrictions.

Next: Form Integration →

Authentication ​

Authentication Methods ​

SDK Authentication ​

API Authentication ​

Security Best Practices ​

Key Rotation ​

IP Restrictions ​

Domain restrictions ​