GuidesAuthentication

Authentication and API Keys

Learn how to securely authenticate your requests to the BrandQL API using API keys, including best practices for managing access.

{
  "error": "Rate limit exceeded",
  "retry-after": 60
}

Overview

BrandQL uses API keys for authentication. You generate keys in your dashboard and include them in the Authorization header of every request. This approach keeps your requests secure and tracks usage against your plan's quotas.

All requests must include a valid API key. Unauthenticated requests return a 401 Unauthorized error.

BrandQL supports a single API key per account. Regenerate keys as needed for security.

Generating API Keys

Access your dashboard to create and manage keys.

Sign Up or Log In

Visit https://brandql.com/signup to create an account or log in at https://app.brandql.com.

Navigate to API Keys

Go to the Account > API Keys section in the sidebar.

Generate Key

Click Generate New Key. Copy the key immediately—it won't show again.

Regenerate if Needed

Use Regenerate to invalidate the current key and create a new one. Update all integrations promptly.

Using Your API Key

Include your key in the Authorization header as Bearer YOUR_API_KEY.

header
Authorizationstring
Required

Format: Bearer brq_xxxxxxxxxxxxxx. Replace with your key.

curl "https://api.brandql.com/logo/paypal.com" \
  -H "Authorization: Bearer YOUR_API_KEY"

Always use API keys server-side. Fetch logos on your backend and serve images to clients.

Rate Limits and Quotas

BrandQL enforces rate limits to ensure fair usage.

Limit TypeFree TierPro TierDescription
Requests per minute60600Per API key
Daily quota10,000UnlimitedResets at midnight UTC

Exceeding limits returns 429 Too Many Requests. Headers provide details:

responseinteger

Requests left in current window.

responseinteger

Unix timestamp when limit resets.

Monitor usage in your dashboard. Upgrade for higher limits.

Security Best Practices

Protect your API keys to prevent unauthorized access.

Store keys securely:

# .env file (never commit)
BRANDQL_API_KEY=YOUR_API_KEY

Load in Node.js:

const apiKey = process.env.BRANDQL_API_KEY;

Next Steps