Need an account? Sign up free — takes 30 seconds.
1. Create an API
An API in Unkey is a container for your keys. Head to your dashboard and create one, or use one you already have. Copy your API ID — it looks likeapi_xxxx.
2. Create a root key
Root keys authenticate your requests to the Unkey API (for creating and managing keys).- Go to Settings → Root Keys
- Click Create New Root Key
- Give it a name and select the permissions you need
- Copy the key — you won’t see it again
3. Create an API key
Now let’s create a key that your users would use to authenticate:key value — that’s what you’ll verify in the next step.
4. Verify the key
This is what you’ll do on every API request to check if a key is valid:What’s in the verification response?
Thedata object contains everything you need to make authorization decisions:
| Field | Type | Description |
|---|---|---|
valid | boolean | Whether the key passed all checks |
code | string | Status code (VALID, NOT_FOUND, RATE_LIMITED, etc.) |
keyId | string | The key’s unique identifier |
name | string? | Human-readable name of the key |
meta | object? | Custom metadata associated with the key |
expires | number? | Unix timestamp (in milliseconds) when the key will expire. (if set) |
credits | number? | Remaining uses (if usage limits set) |
enabled | boolean | Whether the key is enabled |
roles | string[]? | Permissions attached to the key |
permissions | string[]? | Permissions attached to the key |
identity | object? | Identity info if externalId was set when creating the key |
ratelimits | object[]? | Rate limit states (if rate limiting configured) |
Fields marked with
? are optional and only included when relevant (e.g., remaining only appears if you set a usage limit).Next steps
Now integrate Unkey into your actual application:Next.js
Protect API routes with middleware
Express
Add key verification to Express routes
Bun
Fast verification with Bun’s native server
Hono
Edge-ready API key verification