Authentication
All API requests require a valid API key. Keys are managed from the Heuristik Dashboard.
Key types​
| Type | Prefix | Environment |
|---|---|---|
| Sandbox | sk_sandbox_ | Testing |
| Live | sk_live_ | Production |
Configuration​
client.ts
import { HeuristikClient } from '@heuristik/sdk';
const client = new HeuristikClient({
apiKey: process.env.HEURISTIK_API_KEY!,
baseUrl: 'https://sandbox.api.heuristik.com/v1', // optional
});
Never expose API keys
API keys must only be used server-side. Never include them in client-side JavaScript bundles, mobile apps, or public repositories.
Environment variables​
.env
# Sandbox (development)
HEURISTIK_API_KEY=sk_sandbox_abc123
# Production
HEURISTIK_API_KEY=sk_live_xyz789
Key rotation
If a key is compromised, rotate it immediately from the Dashboard. Old keys are revoked instantly.