Skip to main content
Every request to the Tanvik API is authenticated with an API key scoped to your client account. There is no separate OAuth flow — generate a key from your dashboard and pass it as a bearer token.

Getting your API key

1

Open your dashboard

Go to Settings → API Keys in your Tanvik dashboard at app.tanvik.io. This page only appears if your plan includes API access (Pro and Enterprise).
2

Generate a key

Click Generate Key. Your key is shown once, prefixed tvk_live_.... Store it somewhere safe — Tanvik does not display the full key again.
3

Rotate if needed

If a key is exposed, rotate it from the same page. Rotating replaces the key immediately; requests using the old key start failing right away.

Making authenticated requests

Pass your key as a bearer token in the Authorization header on every request:
curl https://xwialxkobwygraiddimj.supabase.co/functions/v1/public-api/v1/messages \
  -H "Authorization: Bearer tvk_live_xxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{ "to": "+919876543210", "type": "text", "text": "Hello!" }'
Never expose your API key in client-side code (browser JS, mobile apps). Route requests to the Tanvik API through your own backend.

Key scoping

Each key is tied to one client account and inherits that account’s plan limits and enabled channels. If you manage multiple businesses on Tanvik, generate a separate key per account rather than sharing one.

Rate limits

Each key is limited to 120 requests per minute. Requests beyond that return 429 with a Retry-After header — see Errors for the exact response shape.