kappabufv2.1.4

Authentication

Bearer tokens

All API requests use bearer tokens in the Authorization header:

Authorization: Bearer sk_live_abc123...

Token types

PrefixPurpose
sk_live_Server-side, full access
pk_live_Public, frontend-safe
sk_test_Sandbox, no real charges

Rotation

Rotate tokens via Dashboard → API keys. Old tokens expire 24h after rotation.