Skip to main content
API keys authorise your backend to create checkout sessions. Dashboard → API Keys.
Never put keys in frontend code, mobile apps, or public repos. Backend env vars only.

Format

The list shows a shortened preview (e.g., ms_live_abc123...). The full key is shown once at creation — Minisend stores only a hash.

Generate

1

Open API Keys

Sidebar → API Keys.
2

New Key

Top-right button.
3

Name it

e.g., Production or Staging. Blank defaults to Default.
4

Copy now

The key appears in a banner. Copy and store it — closing or dismissing the banner means generating a new key.
Create multiple keys (one per environment). Revoking one doesn’t affect the others.

Use in requests

Revoke

Hover the row → click the trash icon. Deactivated immediately — subsequent requests return 401.
Revocation is permanent. If a production server uses the key, update its env var first.

Best practices

  • Rotate periodically, immediately if exposed.
  • Separate keys per environment.
  • Set as a server-side env var (MINISEND_API_KEY), never hardcode.
  • Accidentally committed to a public repo → revoke and regenerate.