Security
Authentication
Every API request uses a Bearer token. Keep live keys for production traffic, test keys for integration work, and rotate credentials from the developer dashboard when ownership changes.
Live
sc_live_*
Use for production jobs, customer workflows, and any billing-impacting traffic.
Test
sc_test_*
Use for local development, CI, previews, and sandbox experimentation.
Scopes
Per-key control
Create focused keys by environment and workload instead of sharing one credential everywhere.
Header format
Authorization
Authorization: Bearer sc_live_your_api_key_here
Key-management guidance
Rotate keys when teammates change, secrets appear in logs, or you split a shared workload into separate services.
The dashboard shows key prefixes, last-used timestamps, environments, and activation state so you can audit access without exposing full credentials.