Authentication
All Vera API requests require a Bearer token in the Authorization header.
Getting Your API Key
Create an API key from the Vera Dashboard under Dashboard > API Keys. See the Quickstart for a walkthrough.
warning
Your API key is shown only once. If you lose it, create a new one.
Making Requests
- cURL
- JavaScript
- Python
curl -X POST https://api.veraenrich.com/enrich \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"domain": "stripe.com"}'
const response = await fetch('https://api.veraenrich.com/enrich', {
method: 'POST',
headers: {
'Authorization': `Bearer ${process.env.VERA_API_KEY}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({ domain: 'stripe.com' })
});
import os, requests
response = requests.post(
'https://api.veraenrich.com/enrich',
headers={'Authorization': f'Bearer {os.environ["VERA_API_KEY"]}'},
json={'domain': 'stripe.com'}
)
API Key Format
| Prefix | Type | Description |
|---|---|---|
vera_live_ | Production | Full access, counts against quota |
vera_test_ | Test | Limited access for development |
Security
- Use environment variables — Never hardcode keys. Use
.envfiles or your platform's secrets manager. - Server-side only — Never expose keys in frontend code, mobile apps, or public repos.
- Rotate periodically — Create a new key, update your app, then delete the old one.
- Separate by environment — Use different keys for production, staging, and development.
Errors
| Status | Code | Description |
|---|---|---|
401 | AUTHENTICATION_FAILED | Missing, invalid, or revoked API key |
Troubleshooting: Check the header format (Bearer YOUR_KEY), verify the key is active in the dashboard, and ensure no extra whitespace.