Skip to content
Metrifly Metrifly Metrifly Developer Docs

Authentication and API keys

Prerequisites

Section titled “Prerequisites”
  • An approved Metrifly partner account.
  • A partner API key issued by Metrifly.
  • A customer grant for the portfolio and scopes you need.

Send the API key with the ApiKey authorization scheme.

Terminal window
curl https://api.metrifly.com/v1/portfolios \
  -H "Authorization: ApiKey $METRIFLY_API_KEY" \
  -H "Accept: application/json"

Key handling

Section titled “Key handling”
  • Store API keys only in a secrets manager or runtime environment.
  • Do not expose keys in browser code, mobile apps, logs, screenshots, or support tickets.
  • Rotate keys when team access changes or a key may have been exposed.

Customer grants

Section titled “Customer grants”

An API key identifies your partner application. Customer grants decide which portfolios and scopes that application may access.

If a grant is missing or revoked, the API returns 403 with a code that explains the missing permission.