API Keys

Create and manage personal keys. Keep them secret; rotate them often.

Header: Authorization: Bearer <KEY> Version: X-Roovet-Version HMAC webhooks: X-Roovet-Signature

Create a key

Key name

Mode

Rate limit (rpm)

Expires (optional)

Scopes

Scopes gate endpoints; use least privilege.

wallet:read wallet:write shop:read shop:write search:read virtualrep:read virtualrep:write esign:read esign:write

Custom scopes

Your backend can ignore unknown scopes safely.

IP allowlist (optional)

Comma-separated IPs/CIDRs. Empty allows any IP.

Referrer allowlist (optional)

Comma-separated hostnames. Use for browser-side keys.

Notes (optional)

No keys yet.