Skip to main content
Driftstack DRIFTSTACK

Bearer tokens · scoped + revocable

API keys

Pass as Authorization: Bearer <key>. Plaintext is shown ONCE on creation — store it now; we can't recover it later. Revocation is immediate.

Docs
curl https://api.driftstack.dev/v1/account/me \
  -H "Authorization: Bearer ds_live_<your-key>"

# TypeScript SDK
npm i @driftstack/sdk

Replace ds_live_<your-key> with the key you copy on creation — the plaintext is shown once and never stored.

!

API keys are scrypt-hashed at rest. Driftstack staff cannot read your keys — a database breach surfaces hashes, not keys. If a key leaks, revoke + rotate; no admin recovery path exists.

Scopes: read (list/get-only), write (create sessions, navigate, interact), account_owner (manage webhooks, billing, mint other keys). Always create the narrowest-scoped key the job needs.