API keys let you authenticate programmatic requests to the DocPipe API, such as triggering pipelines via the webhook trigger.Documentation Index
Fetch the complete documentation index at: https://docs.docpipe.ai/llms.txt
Use this file to discover all available pages before exploring further.
Creating an API key
- Go to Settings → API keys
- Click New API Key
- Enter a descriptive name (for example, “Production integration”)
- Optionally set an expiration date. The key will automatically stop working after this date. If left blank, the key does not expire
- Click Create
- Copy the key immediately: it is only shown once
Key format
API keys use thedp_ prefix followed by a unique identifier:
Using your API key
Include the key in theX-Api-Key header of your API requests:
Key scope
API keys are scoped to your organization. A key can access any pipe in the organization that has a webhook trigger configured. The key carries theApiKeyAuth.Trigger.Create permission, allowing it to submit documents to any active pipe’s webhook trigger.
Managing keys
Deactivating a key
Deactivate a key to temporarily disable it without deleting it. Requests using a deactivated key receive a401 error.
Deleting a key
Delete a key to permanently revoke it. This action cannot be undone.Security best practices
- Rotate keys regularly: create a new key, update your integrations, then delete the old key
- Use descriptive names: name keys after their purpose (for example, “CI/CD pipeline”, “Production app”)
- Never commit keys to source control: use environment variables or a secrets manager
- Delete unused keys: remove keys that are no longer in use
- Monitor usage: review your runs to detect unexpected API activity