Skip to main content

API Keys

All Domain Trust API requests must include a valid API key.

Requests without a valid key return an unauthorized error.

You can create, view, delete, and rotate API keys in the Domain Trust Dashboard.

API Key Types

Domain Trust supports two environments: Testing and Production.

  • Testing Key – Use this key to explore and test the API without affecting real data or the production environment.
  • Production Key – Use this key to authenticate requests and submit domains to the live Domain Trust ecosystem. Submissions here contribute to shared domain reputation data visible to all production users.

You can create multiple keys as needed.

Production keys become available once your account has production access.

Environments

Requests are always scoped to either the Testing or Production environment, based on the API key used.

Data and submissions do not overlap between environments — for example, a domain submitted in Testing will not appear in Production.

All production submissions are shared across the Domain Trust network and are visible to all production users.
In contrast, testing submissions are private and visible only to members of your organization.
This allows you to experiment safely in Testing without affecting or exposing data in the Production environment.

Create an API Key

To create a new API key:

  1. Open the API Keys page in the Domain Trust Dashboard.
  2. Click Create Key.
  3. Enter a brief description to identify the key’s purpose.
  4. Select the environmentTesting or Production.
  5. Set an expiration date and time for the key.

Note: The API key is displayed only once after creation. Make sure to copy and store it securely.

Once created, you can update the expiration date or delete the key from the dashboard at any time.

Keep Your Keys Safe

API keys provide full access to your Domain Trust account, so treat them like passwords.

  • Do not share your keys publicly or embed them in client-side code (such as JavaScript or mobile apps).
  • Store securely using a secrets manager or environment variables.
  • Rotate keys regularly to minimize risk.
  • Revoke immediately if you suspect a key has been exposed or compromised.

Protecting your keys helps ensure the security and integrity of your organization’s data and the wider Domain Trust network.