API Key Authentication
All API endpoints require authentication using your site API key. Include your API key in the request headers:Getting Your API Key
- Log in to Liquid.tf
- Navigate to your Dashboard
- Go to Settings → API
- Generate or view your API key
Example Request
Security Best Practices
Store keys securely
Store keys securely
Never commit API keys to version control. Use environment variables or secure secret management systems.
Rotate keys regularly
Rotate keys regularly
Regenerate your API key periodically to maintain security.
Use HTTPS only
Use HTTPS only
Always use HTTPS endpoints. HTTP requests will be rejected.
Monitor usage
Monitor usage
Regularly check your API usage to detect unauthorized access.
Troubleshooting
401 Unauthorized
Your API key is missing or invalid. Verify that:- You included the
X-API-Keyheader - The key is correct and hasn’t been revoked
- The key belongs to an active account
403 Forbidden
Your account doesn’t have permission for this action. Check that:- Your account is in good standing
- You’re not banned from marketplace activities
- The endpoint is available for your account type