API Keys
API keys provide an alternative authentication method for system-to-system integrations (e.g., external services consuming the Quark API).
Managing API Keys
Navigate to Settings → API Keys.
Creating an API Key
- Click New API Key
- Enter a name (descriptive label for the integration)
- Optionally set an expiration date
- Save — the generated key is shown once
danger
The API key is shown only once upon creation. Copy and store it securely. It cannot be retrieved later.
API Key Fields
| Field | Description |
|---|---|
| Name | Descriptive label |
| Key | The generated API key (shown once) |
| Expires At | Optional expiration date |
| Is Active | Whether the key is currently valid |
| Created At | Creation timestamp |
| Last Used At | Last usage timestamp |
Using API Keys
Include the API key in requests via the X-Api-Key header:
GET /api/admin/products
X-Api-Key: your-api-key-here
API keys grant Admin-level access — use them only for trusted integrations.
Revoking Keys
Deactivate a key by toggling its Active status. Deactivated keys are immediately rejected.