Security & API
Authentication Guide
SyncFlo uses Persistent API Keys to authenticate requests. All API requests must be made over HTTPS to ensure data security.
Base URL
POSThttps://dashboard.syncflo.xyz/api/v1/whatsapp
Current stable API version is
v1.Integration Workflow
Generate Key
Visit the SyncFlo Dashboard, navigate to API Settings, and create a new Persistent API Key.
Header Usage
Include the key in the Authorization header of every request as a Bearer token.
Secure Storage
Store keys securely in server-side environment variables. Do not expose them in client-side code.
Rotation
Rotate keys periodically or immediately if you suspect the credentials have been compromised.
Bearer Token Usage
Authorization Header
Authorization: Bearer your_api_key_hereSecurity Best Practices
Store API keys in server-side environment variables.
Use IP restrictions in the dashboard to whitelist known servers.
Monitor API usage for unusual patterns in the analytics dashboard.