VotePipe

API Authentication

How to authenticate with the VotePipe API

API Keys

VotePipe uses API keys for programmatic access to the REST API. API keys provide secure authentication without requiring username and password credentials. This approach is ideal for server-to-server communication, automation scripts, and integrations with third-party tools.

API keys are available on Growth+ plans and allow you to programmatically manage providers, retrieve vote data, configure callbacks, and access statistics. Each API key can be scoped to either read-only or full access, giving you fine-grained control over what operations can be performed.

Creating Your First API Key

  1. Go to SettingsAPI Keys in your VotePipe dashboard
  2. Click Create Key to generate a new API key
  3. Choose a scope: Read for read-only access or Full for complete access
  4. Give your key a descriptive name to help you identify its purpose later
  5. Copy the key immediately - it's only shown once for security reasons!
  6. Store the key securely in your application configuration or environment variables

Security Best Practice: Never commit API keys to version control systems. Use environment variables or secure secret management tools. If a key is compromised, revoke it immediately and create a new one.

Using API Keys

All API requests must include your API key in the Authorization header using the Bearer token format. This ensures that only authorized applications can access your VotePipe data and perform operations on your behalf.

The API key should be included in every HTTP request header as follows:

http
Authorization: Bearer mr_live_your_api_key_here

Replace mr_live_your_api_key_here with your actual API key. The key prefix (e.g., mr_live_) indicates the key type and environment.

Example Request

bash
curl -X GET https://api.votepipe.com/v1/providers \ -H "Authorization: Bearer mr_live_your_api_key_here"

Key Scopes

API keys support two scopes that determine what operations can be performed. Choose the scope that matches your use case to follow the principle of least privilege - only grant the minimum permissions necessary for your application to function.

ScopeDescriptionUse Cases
readRead-only access (GET requests only)Analytics dashboards, monitoring tools, read-only integrations
fullFull access (all HTTP methods: GET, POST, PATCH, DELETE)Automated management, CI/CD pipelines, administrative tools

Tip: For most integrations, a read-only key is sufficient. Only use full scope keys when you need to create, update, or delete resources programmatically. You can create multiple API keys with different scopes for different applications or environments.

API Key Management

Once you have created API keys, you can manage them programmatically:

→ List all API keys→ Create a new API key→ Delete/Revoke an API key

Learn More

→ API Endpoints→ Rate Limits