API Key

Overview

API keys are your credentials for accessing LikeDo's Open API endpoints. They provide secure, programmatic access to create and manage short links, email addresses, and other resources without requiring interactive login.

Why Use API Keys?

• Automation: Integrate LikeDo services into your applications and workflows
• Security: Each key has its own rate limits and can be revoked independently
• Flexibility: Create multiple keys for different applications or environments
• Control: Monitor usage and manage access through your dashboard

Creating an API Key

Step 1: Navigate to Settings

1. Sign in to your LikeDo account
2. Go to Dashboard > Settings > API Keys
3. Click the Create button

Step 2: Configure Your Key

When creating a new API key, you'll configure the following settings:

Key Name

A descriptive name to help you identify the key's purpose.

• Example: "Production API Key", "Development Environment", "Mobile App"
• Length: 1-50 characters
• Purpose: Helps you manage multiple keys

Expiration Period

Set how long the key remains valid.

• Range: 1-365 days
• Default: 90 days
• Recommendation: Use shorter periods for enhanced security

Rate Limiting

Control the number of requests allowed per time window.

Free Plan:

• Maximum: 200 requests per hour
• Default: Enabled with plan limits

Pro/Lifetime Plan:

• Maximum: 2000 requests per hour
• Customizable: Adjust based on your needs

Step 3: Save Your Key

After creating your API key:

1. Copy the key immediately - it's only displayed once
2. Store it securely (password manager, environment variables, or secrets vault)
3. Never commit keys to version control or share publicly

Authentication

Use your API key to authenticate API requests in one of two ways:

Option 1: Authorization Header (Recommended)

Include the key in the Authorization header as a Bearer token:

Authorization: Bearer YOUR_API_KEY

Example:

curl -X POST https://like.do/api/v1/links/create \
  -H "Authorization: Bearer sk_live_abc123..." \
  -H "Content-Type: application/json" \
  -d '{"slug": "example", "targetUrl": "https://example.com"}'

Option 2: Query Parameter

Pass the key as a URL query parameter:

?key=YOUR_API_KEY

Example:

curl -X POST "https://like.do/api/v1/links/create?key=sk_live_abc123..." \
  -H "Content-Type: application/json" \
  -d '{"slug": "example", "targetUrl": "https://example.com"}'

Rate Limits

Rate limits protect our API infrastructure and ensure fair usage across all users. Limits are based on your subscription tier:

Rate Limit Tiers

Rate Limit Headers

Every API response includes rate limit information in the headers:

X-RateLimit-Limit: 2000
X-RateLimit-Remaining: 1995
X-RateLimit-Reset: 1702123456

• X-RateLimit-Limit: Total requests allowed per hour
• X-RateLimit-Remaining: Requests remaining in current window
• X-RateLimit-Reset: Unix timestamp when the limit resets

Handling Rate Limits

When you exceed your rate limit, the API returns a 429 Too Many Requests response:

{
  "success": false,
  "error": "Rate limit exceeded. Please try again later."
}

Best practices:

1. Monitor the rate limit headers
2. Implement exponential backoff for retries
3. Cache responses when possible
4. Upgrade to Pro for higher limits

Managing API Keys

Viewing Your Keys

Navigate to Settings > API Keys to view all your active keys. Each key displays:

• Name: Descriptive identifier
• Created: Creation timestamp
• Expires: Expiration date (if set)
• Last Used: Most recent API call timestamp
• Rate Limit: Current rate limiting configuration

Key Information Display

Key Name: Production API Key
Created: 2025-12-07 10:30:00
Expires: 2026-03-07 10:30:00
Last used: 2025-12-07 15:45:00
Rate limit: 2000 requests per 1 hours

Deleting Keys

To revoke access:

1. Click the delete icon (trash) next to the key
2. Confirm the deletion in the dialog
3. The key is immediately invalidated

Warning: Applications using deleted keys will receive 401 Unauthorized errors immediately.

Security Best Practices

1. Keep Keys Secret

• Never commit API keys to version control (Git, SVN, etc.)
• Don't share keys in public forums, chat, or email
• Avoid hardcoding keys in source code
• Don't expose keys in client-side JavaScript

2. Use Environment Variables

Store keys in environment variables or secure configuration:

.env file:

LIKEDO_API_KEY=sk_live_abc123...

Usage in code:

const apiKey = process.env.LIKEDO_API_KEY;

3. Rotate Keys Regularly

• Create new keys periodically (every 90 days recommended)
• Update your applications with new keys
• Delete old keys after migration

4. Use Different Keys for Different Environments

Separate keys for each environment:

• Development: dev_key_xyz...
• Staging: staging_key_abc...
• Production: prod_key_123...

5. Monitor Usage

• Regularly check the "Last Used" timestamp
• Delete unused keys immediately
• Review API logs for suspicious activity

6. Limit Key Permissions

• Create separate keys for different applications
• Use rate limits appropriate to each use case
• Revoke keys when no longer needed

Code Examples

JavaScript/TypeScript

// Using fetch with Authorization header
async function createShortLink(data) {
  const response = await fetch('https://like.do/api/v1/links/create', {
    method: 'POST',
    headers: {
      'Authorization': `Bearer ${process.env.LIKEDO_API_KEY}`,
      'Content-Type': 'application/json',
    },
    body: JSON.stringify(data),
  });

  if (!response.ok) {
    const error = await response.json();
    throw new Error(error.error || 'Request failed');
  }

  return response.json();
}

// Usage
try {
  const result = await createShortLink({
    slug: 'my-link',
    targetUrl: 'https://example.com',
  });
  console.log('Link created:', result.data);
} catch (error) {
  console.error('Error:', error.message);
}

Python

import os
import requests

def create_short_link(data):
    """Create a short link using the API key."""
    api_key = os.environ.get('LIKEDO_API_KEY')

    headers = {
        'Authorization': f'Bearer {api_key}',
        'Content-Type': 'application/json',
    }

    response = requests.post(
        'https://like.do/api/v1/links/create',
        headers=headers,
        json=data
    )

    response.raise_for_status()
    return response.json()

# Usage
try:
    result = create_short_link({
        'slug': 'my-link',
        'targetUrl': 'https://example.com',
    })
    print('Link created:', result['data'])
except requests.exceptions.HTTPError as error:
    print('Error:', error.response.json()['error'])

cURL

#!/bin/bash

# Store API key in environment variable
export LIKEDO_API_KEY="sk_live_abc123..."

# Create short link
curl -X POST https://like.do/api/v1/links/create \
  -H "Authorization: Bearer $LIKEDO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "slug": "my-link",
    "targetUrl": "https://example.com"
  }'

PHP

<?php

function createShortLink($data) {
    $apiKey = getenv('LIKEDO_API_KEY');

    $ch = curl_init('https://like.do/api/v1/links/create');

    curl_setopt_array($ch, [
        CURLOPT_POST => true,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_HTTPHEADER => [
            'Authorization: Bearer ' . $apiKey,
            'Content-Type: application/json',
        ],
        CURLOPT_POSTFIELDS => json_encode($data),
    ]);

    $response = curl_exec($ch);
    $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    if ($statusCode !== 200 && $statusCode !== 201) {
        throw new Exception('Request failed: ' . $response);
    }

    return json_decode($response, true);
}

// Usage
try {
    $result = createShortLink([
        'slug' => 'my-link',
        'targetUrl' => 'https://example.com',
    ]);
    echo 'Link created: ' . $result['data']['shortUrl'];
} catch (Exception $e) {
    echo 'Error: ' . $e->getMessage();
}

Error Responses

Missing API Key (401)

{
  "success": false,
  "error": "Missing API key. Provide it via Authorization header (Bearer token) or ?key= query parameter"
}

Invalid API Key (401)

{
  "success": false,
  "error": "Invalid or expired API key"
}

Rate Limit Exceeded (429)

{
  "success": false,
  "error": "Rate limit exceeded. Please try again later."
}

Troubleshooting

API Key Not Working

1. Check expiration: Expired keys return 401 errors
2. Verify format: Ensure no extra spaces or line breaks
3. Check deletion: The key may have been deleted
4. Review headers: Confirm proper Authorization header format

Rate Limit Issues

1. Monitor headers: Check X-RateLimit-Remaining
2. Implement backoff: Wait before retrying
3. Optimize requests: Cache responses, batch operations
4. Upgrade plan: Pro plan offers 10x higher limits

Last Used Not Updating

• There may be a delay of a few minutes
• Only successful requests update the timestamp
• Check that requests are reaching the API

Upgrading for Higher Limits

Free plan users are limited to 200 requests per hour. Upgrade to Pro for:

• 10x higher rate limits: 2000 requests/hour
• More flexibility: Custom rate limit configurations
• Premium domains: Access to exclusive domains
• Priority support: Faster response times

View Pricing Plans →

Related Resources

• API Overview - Complete API documentation
• Short Link API - Create short links programmatically
• Email API - Manage email addresses via API
• Interactive Playgrounds - Test APIs before integration

Support

Need help with API keys?

• Check our API documentation
• Review code examples
• Contact our support team for assistance

Next Steps:

1. Create your first API key
2. Try the Short Link API
3. Explore the Email API