Skip to main content

API Keys

Create and manage API keys for programmatic access to adaline.report.

Overview

API keys let you access adaline.report programmatically. Use them to integrate compliance scanning into your CI/CD pipeline, LMS, or custom applications.

Creating an API Key

  1. Log in to adaline.report
  2. Go to Settings in the sidebar
  3. Click Create API Key
  4. Enter a descriptive name (e.g., "CI Pipeline", "Dev Testing", "Production App")
  5. Copy the key immediately -- it will not be shown again

Using Your API Key

Include the key in the X-API-Key header on every request:

curl -X POST https://api.adaline.report/api/v1/scan \
  -H "X-API-Key: your-api-key" \
  -F "file=@document.pdf"

In Python

import requests

headers = {"X-API-Key": "your-api-key"}
with open("document.pdf", "rb") as f:
    res = requests.post(
        "https://api.adaline.report/api/v1/scan",
        headers=headers,
        files={"file": f},
    )
print(res.json())

In JavaScript

const res = await fetch("https://api.adaline.report/api/v1/scan", {
  method: "POST",
  headers: { "X-API-Key": "your-api-key" },
  body: formData,
});

Managing API Keys

Viewing Keys

Go to Settings to see all your active API keys. Each entry shows:

  • Key name
  • Created date
  • Last used date

Revoking a Key

Click Revoke next to any key to immediately disable it. Revoked keys cannot be restored -- create a new one if needed.

Security Best Practices

  • Never commit API keys to source control. Use environment variables.
  • Use separate keys for each environment (development, staging, production).
  • Rotate keys periodically. Revoke old keys and create new ones.
  • Use descriptive names so you can identify which key is used where.
  • Revoke immediately if a key is compromised or no longer needed.

Rate Limits

API requests are rate-limited per key. If you receive a 429 Too Many Requests response, wait a moment and retry. Contact us if you need higher limits for production use.

Troubleshooting

"401 Unauthorized"

  • Check that the key is included in the X-API-Key header (not Authorization)
  • Verify the key hasn't been revoked
  • Make sure there are no extra spaces or newlines in the key

"429 Too Many Requests"

You've hit the rate limit. Wait 10-30 seconds and retry. For batch scanning, add a small delay between requests.

© 2026 Adaline LLC