I
ILAL Docs
DashboardBack to Home

Authentication

Learn how to securely access the ILAL API using your API Key

Authentication Method

The ILAL API uses Bearer Token authentication. Every request must include your API Key in the HTTP header.

Header format:
Authorization: Bearer YOUR_API_KEY

Example

curl -X GET https://api.ilal.tech/api/v1/session/status \
  -H "X-API-Key: ilal_live_1234567890abcdef" \
  -H "Content-Type: application/json"

Security Best Practices

Use Environment Variables
Never hardcode your API Key in source code. Use environment variables to store sensitive information.
// .env file
ILAL_API_KEY=ilal_live_1234567890abcdef

// In your code
const apiKey = process.env.ILAL_API_KEY;
Restrict Key Permissions
Create separate API Keys for different environments (development, staging, production).
Rotate Regularly
Periodically rotate your API Keys, especially if you suspect a leak.
Never Expose Your Key
• Do not commit API Keys to Git repositories
• Do not expose API Keys in client-side code
• Do not share API Keys in public forums or documentation

Error Handling

401 UnauthorizedMissing or invalid API Key
{
  "error": "Unauthorized",
  "message": "Invalid API key"
}
429 Too Many RequestsRate limit exceeded
{
  "error": "Rate limit exceeded",
  "message": "You have exceeded your rate limit",
  "retryAfter": 60
}

Manage Your API Keys

You can create, view, and revoke API Keys from the Dashboard.

Go to API Keys Management