Authentication

All management API requests require authentication via the Authorization header.

Authorization: Bearer sk_live_your_key_here

API keys are created in the developer console under API Keys.

API Keys

Keys with the sk_live_ prefix authenticate against production data. API keys provide full management access to your account's resources.

To create a key:

Open the developer console at app.smplkit.com
Navigate to API Keys in the sidebar
Click + Create API Key
Copy the key — you won't be able to see it again

Token Types

Type	Prefix	Scope	Used For
API Key	`sk_live_`	Account-wide	Management API calls from scripts, CI/CD, IaC tools
SDK Key	`sdk_live_`	Per-environment	Runtime SDK calls from your application (coming soon)

Error Responses

If authentication fails, the API returns a 401 response:

json

{
  "errors": [
    {
      "status": "401",
      "title": "Missing Authorization header",
      "detail": "Provide an API key in the Authorization header: 'Authorization: Bearer sk_live_your_key_here'"
    }
  ]
}

Security Best Practices

Do not commit API keys to source control
Use environment variables to store keys in your application
Rotate keys periodically using the console
Revoke keys immediately if compromised

Authentication ​

API Keys ​

Token Types ​

Error Responses ​

Security Best Practices ​

Authentication

API Keys

Token Types

Error Responses

Security Best Practices