Build With RevenueCat

Build a customized mobile subscription business with RevenueCat. We do the heavy lifting of normalizing subscribers from any source and maintain a single source of truth for subscription status, so you can get back to building your app.

RevenueCat is a powerful, secure, reliable, and free to use in-app purchase server with global support. All you need to get started is an API key.

Get Started    API Reference

Authentication

Manage your API keys to authenticate with RevenueCat

RevenueCat authenticates requests from the REST API and Purchases SDK using your app's API keys. All requests must include a valid key. There are also two types of API keys: public and secret.

  • Public API keys are meant to make non-potent changes to subscribers, and must be used to configure the Purchases SDK.
  • Secret API keys, prefixed sk_, should be kept confidential and only stored on your own servers. Your secret API keys can perform any API request without restriction including deleting subscribers and granting promotional access.

Each app is provided with a public key. Secret keys can be created and deleted by the app Admins.

Obtaining API Keys

You can find your API Keys in your app's configuration dashboard.

If you cannot see your API keys, it may mean you do not have access to them. Contact the app's owner and make sure you are added as an Admin.

🚧

Only configure Purchases SDK with your Public key

Never embed secret keys in your app or website

Keeping Secret Keys Safe

Your secret API key can be used to make any API call on behalf of your account, such as granting entitlement access and deleting users. You should only create secret keys if you need to use them and ensure they are kept out of any publicly accessible areas such as GitHub, client-side code, and so forth.

Adding and removing keys

You can create as many secret keys as you need, and secret keys can be deleted at any time. When a secret key is deleted, it's invalidated immediately and can no longer make any requests.

Next Steps

Updated about a year ago


Authentication


Manage your API keys to authenticate with RevenueCat

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.