Authentication
Brewry uses API keys to authenticate requests. Each API request must include a valid API key in the header.
API Keys
Getting an API Key
- Log in to your Brewry dashboard
- Create a new Cellar or navigate to an existing cellar.
- Navigate to "API Keys" in the top menu
- Click "Create New Key"
- Copy and securely store your API key
Using API Keys
Include your API key in the X-API-Key header with every request:
curl -X POST https://tap.brewry.xyz/api/v1/ingest \
-H "Content-Type: application/json" \
-H "X-API-Key: YOUR_API_KEY" \
-d '{
"cellar": "example",
"rack": "device-name",
"keg": "sensor-name",
"value": 42,
"timestamp": "2024-03-20T10:30:00Z"
}'
Security Best Practices
-
Never share your API key
- Keep it secure and private
- Don't commit it to version control
- Don't include it in client-side code
-
Rotate API keys regularly
- Generate new keys periodically
- Revoke old keys when no longer needed
- Use different keys for different applications
-
Use environment variables
export BREWRY_API_KEY="your-api-key" -
Implement proper error handling
- Check for 401 Unauthorized responses
- Handle API key expiration
- Monitor for suspicious activity
API Key Management
Viewing Active Keys
- List all active API keys in your dashboard
- See creation date and last used date
- Monitor usage patterns
Revoking Keys
- Immediately revoke compromised keys
- Set expiration dates for temporary keys
- Maintain an audit trail of key usage
Error Responses
Invalid API Key
{
"error": "Invalid API key",
"status": 401
}
Expired API Key
{
"error": "API key has expired",
"status": 401
}
Missing API Key
{
"error": "API key is required",
"status": 401
}
Rate Limiting
API keys are subject to rate limiting. See the Rate Limiting section for details.
Support
If you need help with authentication:
- Contact support at support@brewry.xyz
- Visit our Support Center