Authentication

Get your API keys and start resolving business work units

✓ Every request must be authenticated
AccelEx uses API keys to verify your identity. Keys provide access to workflow pipelines and are tied to your billing plan (per completed work unit, not per call).

Getting Your API Keys

1. Create an account

Sign up at dashboard.accelexpress.com with your work email. Verify your domain to activate organization-level keys.

2. Generate keys

Navigate to Settings → API Keys. Click "Generate New Key". Choose environment: Sandbox (test) or Production (live).

3. Store securely

Copy your key immediately. For security, AccelEx does not store raw keys after generation. Use environment variables or a secrets manager.

4. Test access

Run a test request against the sandbox. Sandbox keys simulate all pipelines but do not count toward billing or produce real workflow units.

Authentication Methods

Bearer Token (Recommended)

Include your API key in the Authorization header for every request:

Authorization: Bearer accelex_live_8f3a2b1c9d4e5f6a7b8c9d0e

All endpoints require this header. Requests without valid authentication receive 401 Unauthorized.

API Key as Query Parameter (Legacy)

For compatibility with older systems, you may pass the key as a query parameter:

https://api.accelexpress.com/v1/pipelines/finance/invoice?api_key=accelex_live_8f3a2b1c9d4e5f6a7b8c9d0e
⚠️ Security note: Query parameters appear in URLs and server logs. Use Bearer tokens in production environments.

Key Types & Permissions

Key TypePrefixAccessUse Case
Sandboxaccelex_test_All pipelines, mock processing, no billingDevelopment, testing, integration validation
Productionaccelex_live_All pipelines, real workflow units, billed per completionLive enterprise workloads
Read-onlyaccelex_ro_GET endpoints only (audit logs, workflow status)Monitoring dashboards, internal tooling
Webhookaccelex_wh_Cannot initiate workflows, only verify webhook signaturesSecure webhook endpoint validation

Making Your First Authenticated Request

curl -X POST https://api.accelexpress.com/v1/pipelines/support/case \ -H "Authorization: Bearer accelex_test_your_sandbox_key_here" \ -H "Content-Type: application/json" \ -d '{ "input": { "source": "email", "transcript": "Test ticket for auth validation" } }'
✓ Expected response (sandbox):
{"workflow_id":"wf_test_abc123","status":"resolved","completed_unit":{"case_object":{"summary":"Test ticket"}}}

Security Best Practices

Environment isolation

Use separate keys for development, staging, and production. Never commit production keys to source control.

Rotate regularly

Generate new keys every 90 days. Revoke old keys immediately after rotation. Dashboard provides one-click rotation.

IP allowlisting

Enterprise plans support IP restrictions. Configure allowed CIDR blocks in the dashboard to restrict key usage.

Never expose client-side

Do not embed API keys in mobile apps, JavaScript, or public repositories. Use a proxy server for frontend integrations.

Rate Limits & Key Monitoring

PlanRequests per secondMonthly workflow unitsKey limits
Starter105,0002 active keys
Business5050,0005 active keys
EnterpriseCustomCustomUnlimited keys, SSO, SCIM

Error Responses

401 Unauthorized { "error": "invalid_api_key", "message": "The API key provided is invalid or has been revoked", "documentation": "https://docs.accelexpress.com/authentication#errors" } 429 Too Many Requests { "error": "rate_limit_exceeded", "message": "Rate limit of 10 requests per second exceeded", "retry_after": 2 }

Ready to authenticate?

Get your sandbox keys instantly — no credit card required for testing.

Go to Dashboard →