Authentication
API Keys

API Keys

Each organisation has one active API key at a time. Keys are generated and managed from the TalkNTalk dashboard.

Generating a Key

  1. Log in to your TalkNTalk dashboard.
  2. In the sidebar, go to Developer → API Keys.
  3. Click Generate Key.
  4. Copy the key immediately — it is shown only once and cannot be retrieved later.

Store the key in an environment variable or a secrets manager. Never commit it to version control or embed it in client-side code.

Regenerating a Key

If you suspect a key has been compromised, or want to rotate it on a schedule:

  1. Go to Developer → API Keys.
  2. Click Regenerate.
  3. A confirmation email is sent to the organisation owner's account.
  4. Open the email and click Confirm Regeneration.
  5. Copy the new key — the old key is immediately invalidated.

Note: Only the organisation owner can confirm a regeneration. Opening the confirmation link while logged in as a different account will return a 403 Forbidden error.

Revoking a Key

Click Revoke on the API Keys page to permanently disable a key without replacing it. Any integrations using the key stop working immediately. You can generate a fresh key at any time after revoking.

Security Best Practices

  • Never expose your key in frontend code, public repos, or logs.
  • Rotate regularly — especially when team members leave or a key may have been leaked.
  • One key per organisation — use separate organisations for isolated keys per environment (e.g. staging vs. production).
Verify KeyGet Balance