Skip to main content
The DRIP API uses API key authentication. You’ll need to include your API key in the Authorization header of every request.

Getting Your API Key

  1. Log into your DRIP dashboard
  2. Navigate to Settings > API Keys
  3. Click Generate New API Key
  4. Copy and securely store your API key
Keep your API keys secure and never expose them in client-side code. Treat them like passwords.

Authentication Header

Include your API key in the Authorization header using the Bearer token format: 
Authorization: Bearer YOUR_API_KEY_HERE

Example Request

curl -X GET "https://api.drip.re/api/v1/realms/YOUR_REALM_ID" \
  -H "Authorization: Bearer YOUR_API_KEY_HERE" \
  -H "Content-Type: application/json"

API Key Permissions

API keys inherit the permissions of the user who created them. Ensure your account has the necessary permissions for the operations you want to perform:
  • Read permissions: View realm data, member information, point balances
  • Write permissions: Update member balances, create quests, manage store items
  • Admin permissions: Full realm management capabilities

Testing Authentication

You can test your authentication by making a simple request to get your realm information: 
curl -X GET "https://api.drip.re/api/v1/realms/YOUR_REALM_ID" \
  -H "Authorization: Bearer YOUR_API_KEY_HERE"
A successful response will return your realm data. An authentication error will return a 401 Unauthorized status.

Security Best Practices

Environment Variables

Store API keys in environment variables, never in your source code

Rotate Keys

Regularly rotate your API keys and revoke unused ones

Scope Permissions

Use accounts with minimal necessary permissions for API operations

Monitor Usage

Monitor API key usage to detect unauthorized access
I