Authentication

All requests to the Syvel API are authenticated with an API key.

Key format

API keys follow this exact format:

sv_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

• Prefix: sv_
• Followed by 32 alphanumeric characters
• Total length: 35 characters

Example: sv_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6

Sending your key

Pass the key in the Authorization header on every request:

Authorization: Bearer sv_your_api_key

curl "https://api.syvel.io/v1/check/[email protected]" \
  -H "Authorization: Bearer sv_your_api_key"

Key visibility

Copy your key immediately

Your API key is displayed only once, at the moment of creation. It cannot be retrieved afterwards. If you lose it, delete it from the dashboard and create a new one.

Creating a key

In the dashboard, under the API Keys section:

1. Click New key
2. Give it a name (e.g. "Production", "Staging")
3. Copy the displayed key immediately

Origin restriction (CORS)

Each key can be restricted to one or more allowed origins. When an origin is set, requests from any other Origin header are rejected with a 403.

This is useful for browser-side integrations to prevent your key from being used from third-party domains.

Configure allowed origins per key in the dashboard, under API Keys → Edit.

Note

Origin restriction applies to browser requests only (where the Origin header is sent automatically). Server-side requests (cURL, Node.js, Python, etc.) are not affected.