> ## Documentation Index
> Fetch the complete documentation index at: https://docs.rentfax.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Create and manage RentFAX API keys

> Generate, authenticate with, and revoke RentFAX API keys to integrate renter screening into your own software or third-party tools using the REST API.

API keys let you authenticate requests to the RentFAX REST API from your own code or third-party tools. Any time your software needs to look up a renter, submit a report, or pull risk data programmatically, it sends your API key with each request so RentFAX can verify who is calling. API access is available on the Enterprise plan; contact [sales](https://app.rentfax.io/contact?subject=Enterprise+Inquiry) if you need to enable it on your account.

## Generate an API key

<Steps>
  <Step title="Open API Keys settings">
    In the RentFAX dashboard, click your account name in the top navigation and select **Settings**. Then click **API Keys** in the settings sidebar.
  </Step>

  <Step title="Name your key">
    In the **Generate New API Key** panel, enter a descriptive name — for example, `Production` or `Zapier Integration`. A clear name makes it easier to identify and revoke keys later.
  </Step>

  <Step title="Click Generate Key">
    Click **Generate Key**. The full key value is displayed once in a confirmation banner at the top of the page.
  </Step>

  <Step title="Copy and save the key immediately">
    Copy the key and store it in a secure location such as a password manager or a `.env` file. Once you dismiss the banner, the full key is never shown again — only a masked preview.
  </Step>
</Steps>

<Warning>
  Your API key is shown **only once** at creation. If you close or dismiss the confirmation banner without copying the key, you cannot retrieve it. Revoke the key and generate a new one if you lose it.
</Warning>

<Note>
  Each account can have a maximum of **5 active API keys** at one time. Revoke keys you are no longer using to stay within this limit.
</Note>

## Authenticate your requests

Include your API key in the header of every request you make to the RentFAX API. You can use either of two header formats — both are accepted.

<Tabs>
  <Tab title="x-api-key header">
    ```bash theme={null}
    curl https://api.rentfax.io/v1/renter/check?email=renter@example.com \
      -H "x-api-key: rfx_live_••••••••••••"
    ```
  </Tab>

  <Tab title="Authorization: Bearer header">
    ```bash theme={null}
    curl https://api.rentfax.io/v1/renter/check?email=renter@example.com \
      -H "Authorization: Bearer rfx_live_••••••••••••"
    ```
  </Tab>
</Tabs>

<Tip>
  Most HTTP clients and API platforms (Postman, Insomnia, Zapier) have a dedicated field for Bearer tokens. Use the `Authorization: Bearer` format in those tools.
</Tip>

## Example requests

The examples below show common API calls with a key passed as the `Authorization` header. Replace `rfx_live_••••••••••••` with your actual key.

### Search for a renter

```bash theme={null}
curl -X POST https://api.rentfax.io/v1/search \
  -H "Authorization: Bearer rfx_live_••••••••••••" \
  -H "Content-Type: application/json" \
  -d '{ "memberId": "RF-XXXXXXXX" }'
```

### Get a renter's risk score

```bash theme={null}
curl "https://api.rentfax.io/v1/renter/score?renter_id=rtr_7f3a92c1d8e04b6f" \
  -H "Authorization: Bearer rfx_live_••••••••••••"
```

### Submit a report

```bash theme={null}
curl -X POST https://api.rentfax.io/v1/reports \
  -H "Authorization: Bearer rfx_live_••••••••••••" \
  -H "Content-Type: application/json" \
  -d '{
    "renterEmail": "renter@example.com",
    "renterName": "Jane Smith",
    "industryType": "vehicle"
  }'
```

## View your active keys

In **Settings → API Keys**, the keys table shows all active keys for your account. For each key you can see:

* The key name you assigned
* A masked preview of the first characters (e.g., `rfx_live_abc1••••••••`)
* The total number of API requests made with that key
* The date the key was last used

The full key value is never shown after creation.

## Revoke a key

Revoke a key when you no longer need it, suspect it has been compromised, or want to rotate credentials.

<Steps>
  <Step title="Open API Keys settings">
    Go to **Settings → API Keys** in the RentFAX dashboard.
  </Step>

  <Step title="Find the key to revoke">
    Locate the key by name or masked preview in the keys table.
  </Step>

  <Step title="Click Revoke">
    Click the **Revoke** button next to the key. You will be asked to confirm. Once revoked, all requests using that key will immediately return an authentication error.
  </Step>
</Steps>

<Warning>
  Revoking a key is permanent. Any integration or service currently using the key will stop working. Make sure you have updated all systems with a new key before revoking the old one.
</Warning>
