API keys
API keys identify the caller and govern access limits, rate limits, and security controls.
Headers
X-API-Key: Required for authenticated accessContent-Type:application/jsonfor requests with bodies
Example request
curl
curl -X POST https://api.hackura.app/scan/url \
-H 'Content-Type: application/json' \
-H 'X-API-Key: hk_live_...' \
-d '{"url":"https://example.com"}'Security notes
Best practice
Store API keys in environment variables and never expose them in client-side JavaScript bundles.
