Authentication

The k-ID API uses API keys for server-to-server (S2S) authentication. API keys can be generated in Compliance Studio.

API key authentication

The API key must be included in the Authorization header of all requests.

Authorization: Bearer {api-key}

Example request

curl -X GET "https://game-api.k-id.com/api/v1/age-gate/get-requirements?jurisdiction=US-CA" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Accept: application/json"

Security best practices

⚠️ Important Security Notes:

Never expose your API key: Keep your API key secure and never include it in client-side code or front end applications
Use environment variables: Store your API key in environment variables, not in source code
Server-side only: Make all API calls from your servers, not from browsers or mobile apps
HTTPS only: Always use HTTPS for API requests to protect your API key in transit
Rotate keys regularly: Regularly rotate your API keys for enhanced security

Getting your API key

API keys can be generated and managed in Compliance Studio. Contact your k-ID representative or visit Compliance Studio to obtain your API key.

API key authentication​

Example request​

Security best practices​

Getting your API key​

API key authentication

Example request

Security best practices

Getting your API key