Authentication
Learn how to authenticate with the Checkend ingestion API.
Ingestion Keys
Checkend uses ingestion keys to authenticate requests to the ingestion API. Each app in your Checkend instance has its own ingestion key.
You can find your ingestion key in the Checkend dashboard under Apps → Your App → Settings.
API Keys vs Ingestion Keys
Ingestion keys are app-specific and used only for sending errors. For managing resources programmatically, use API keys with the Management API.
Using the Ingestion Key
Include your ingestion key in the Checkend-Ingestion-Key header:
cURL
curl -X POST https://your-checkend-instance.com/ingest/v1/errors \
-H "Content-Type: application/json" \
-H "Checkend-Ingestion-Key: your-ingestion-key" \
-d '{"error_class": "TestError", "error_message": "Test"}'Header Naming
This header follows RFC 6648 conventions by using a vendor-prefixed header name (
Checkend-) instead of the deprecated X- prefix.
Security Best Practices
- Keep ingestion keys secret — Never commit ingestion keys to version control
- Use environment variables — Store keys in environment variables, not in code
- Rotate keys — Regenerate keys periodically or if you suspect they've been compromised
- Use HTTPS — Always send requests over HTTPS in production
Invalid Ingestion Key
If you provide an invalid or missing ingestion key, the ingestion API will return a
401 Unauthorized response.
Error Responses
| Status | Description |
|---|---|
| 401 | Ingestion key is missing or invalid |
| 403 | Ingestion key doesn't have permission for this action |