Obtaining an API key
You can generate an API key in two ways:- Dashboard: Go to Settings → API Keys in your RentFAX account and click Create Key.
- API: Send a
POSTrequest to/v1/keysauthenticated with an existing key (or your dashboard session token).
Your API key is shown only once, immediately after creation. Copy and store it securely before closing the dialog — it cannot be retrieved again.
Passing your API key
You can authenticate requests using either of the following headers. Both are accepted by every endpoint.Option 1: x-api-key header
Option 2: Authorization: Bearer header
Code examples
API key format
All RentFAX API keys begin with the prefixrfx_live_ followed by a 32-character alphanumeric string. For example:
rfx_. If you receive an Invalid API key format error, check that you are not passing a dashboard session token or a truncated key value.
401 Unauthorized errors
A401 response means the request could not be authenticated. The response body describes the specific reason.
- Missing key
- Invalid format
- Revoked or not found
Cause: No Fix: Add the
x-api-key or Authorization header was sent.x-api-key header to your request.Rate limits
The API enforces per-key rate limits measured in requests per minute:
When you exceed the limit, the API returns a
429 status with a Retry-After: 60 header. Wait for the indicated number of seconds before retrying.
Security best practices
Managing keys
To create, list, or revoke API keys:- Dashboard: Go to Settings → API Keys — see API keys for a step-by-step guide.
- API: Use the
/v1/keysendpoints — see the keys endpoint reference.