Start for free

API Key

What Is an API Key?

API Key is a string that identifies an application or project when it makes a request to an API. The key is usually sent along with the request so the API can recognise the caller and associate the request with the right project. In many systems, API keys are also used for quota, billing, and monitoring.

Importantly, an API key is not usually about identifying an end user. It is mainly used to identify the calling app, service, or project. That is why API keys are common in server-to-server integrations, internal tools, and API-based products where the platform needs to recognise the client making the request.

API Key vs. Access Token

API keys and access tokens are related, but they are not the same.

Generally, an API key identifies the application or project making the request. An access token, meanwhile, is typically used to authorise access on behalf of a user, service, or application identity. Put more simply, an API key tells the API which app is calling, while an access token is more often used to prove that the caller has permission to access a protected resource or perform a specific action.

The difference matters because API keys are sometimes treated like a complete authentication system, although they are not really built for that. In many APIs, keys are used for identification, billing, quota management, and traffic control. Stronger authorisation is usually handled through access tokens, user credentials, service accounts, permissions, or other access controls.

Using API Keys In Digital Products

Product and engineering teams use API keys to connect apps, services, and integrations to APIs in a controlled way. They are often used for: 

  • identifying the calling app or project;
  • managing quotas and rate limits;
  • tracking usage for billing or monitoring;
  • restricting which services, referrers, IPs, or apps can use the key. 

API keys are sensitive credentials, so they need careful handling. Keeping them out of public code where possible, avoiding unnecessary exposure in URLs, applying restrictions to limit how each key can be used, deleting unused keys, and rotating keys when needed. 

How do Watchers use API Keys

We have an API catalogue to connect your services with the Watchers platform to ensure a seamless experience for additional integrations. For example, you can start and finish in-chat live streaming automatically, send in-chat marketing offers with the linkage to your CRM system, synchronise badges with your main platform to ensure the end-to-end experience when users have the same achievements in their main profiles and in chat, and many more.

Read more about the various APIs we use to provide you with a seamless connection between chats and the host platform.
 

Boost your platform with

Watchers embedded tools for ultimate engagement

Book a callStart for free
Cookie settings

We use cookies for essential website functionality and, with your consent, analytics. You can accept all cookies, reject non-essential cookies, or manage your preferences. Declining non-essential cookies will not affect your access to the website.

Learn more in ourCookie Policy.