Authentication
All requests are authenticated with a bearer token in the Authorization header.
Authorization: Bearer cdit_live_xxxxxxxxxxxx
Key types
| Prefix | Environment | Notes |
|---|---|---|
cdit_test_ |
Sandbox | No real charges, rate-limited to 60 req/min |
cdit_live_ |
Production | Full access, rotate every 90 days |
Rotating keys
Old keys stay valid for 24 hours after a new key is issued, so you can roll deployments without downtime.