Authentication
Secure your API requests with API keys or OAuth 2.0. Choose the authentication method that fits your use case.
API Key Authentication
API keys are the simplest way to authenticate. Include your key in the Authorization header of every request.
Server-to-server communication where keys stay secret
Test keys (jk_test_) for development, Live keys (jk_live_) for production
Use a backend proxy for browser/mobile apps
Your API Keys
Usage Examples
curl https://api.justkalm.com/v2/valuate \
-H "Authorization: Bearer jk_live_abc123xyz..." \
-H "Content-Type: application/json" \
-d '{"url": "https://example.com/product"}'import { JustKalm } from '@justkalm/sdk';
// API key is loaded from environment variable
const client = new JustKalm({
apiKey: process.env.JUSTKALM_API_KEY,
});
const valuation = await client.valuate({
url: 'https://example.com/product',
});Security Best Practices
Use Environment Variables
Store API keys in environment variables, never in code or version control.
JUSTKALM_API_KEY=jk_live_...Rotate Keys Regularly
Rotate API keys every 90 days or immediately if compromised. Old keys remain valid for 24 hours after rotation.
Restrict IP Addresses
Enterprise users can restrict API key usage to specific IP addresses or CIDR ranges in the dashboard.
Use Test Keys for Development
Test keys (jk_test_) have higher rate limits and return mock data. Never use live keys in development.
Ready to Start Building?
Get your API keys and make your first request in minutes.