API Keys
In Knock, all requests to the Knock API are issued using a API key. Your API keys are environment specific and allow Knock to tie a request on the API back to an isolated Knock environment.
Finding your API keys
You can find your environment-specific API keys under "Developers > API keys" in the left-hand side bar. Remember: each environment has its own unique set of API keys.
Secret vs public API keys
Each Knock environment will be generated with two API keys: a secret key and a public key. You can uniquely identify these keys as they start with sk_ for a secret key, vs pk_ for a public key.
-
Public keys are only meant to identify your account with Knock. They aren't secret, and can safely be made public in any of your client-side code.
-
Secret keys can perform any API request to Knock, they should be kept secure and private! Be sure to prevent secret keys from being made publicly accessible, such as in client-side code, GitHub, unsecured S3 buckets, and so forth.