FazerCards Glossary
API key
A long random string that authenticates server-to-server calls. Treated as a password — never embed in client code.
An API key is a secret credential the server-side reseller integration sends with every request (FazerCards uses the X-Api-Key header). It identifies the reseller account, scopes permissions, and is rate-limited. Because it is a bearer credential, leaking it gives full access to the account — store it in environment variables or a secret manager, never in source control, mobile bundles, or browser code.
Key facts
- Rotate keys periodically and on staff turnover.
- Treat as a secret — never log it, never commit it.
- FazerCards keys live in the reseller dashboard.