Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.saytics.com/llms.txt

Use this file to discover all available pages before exploring further.

Every request to the Saytics API must include your API key. Saytics uses two types of keys depending on where your code runs — one designed for client-side environments and one for server-side use only.

Key types

Write key — Safe to use in browser or mobile client-side code. Write keys can only track events and call identify(). They cannot access reports or delete data. Write keys use the prefix sk_write_. Secret key — Must never be exposed in client-side code or committed to source control. Secret keys have full API access, including reading reports and deleting users. Secret keys use the prefix sk_live_.

Finding your API keys

1

Log in to your Saytics dashboard

Go to app.saytics.com and sign in to your account.
2

Open Settings → API Keys

Navigate to Settings in the sidebar, then select API Keys.
3

Copy the key you need

Copy your write key for client-side code, or your secret key for server-side integrations.

How to authenticate

Pass your key in the Authorization header on every request: 
curl -X POST https://api.saytics.com/v1/events \
  -H "Authorization: Bearer sk_live_YOUR_SECRET_KEY" \
  -H "Content-Type: application/json" \
  -d '{ ... }'

Authentication errors

If authentication fails, the API returns a 401 status with one of the following error bodies: 
{
  "error": {
    "code": "invalid_key",
    "message": "The provided API key is invalid or revoked."
  }
}

{
  "error": {
    "code": "missing_key",
    "message": "Authorization header is required."
  }
}
Never commit API keys to source control. Store them in environment variables and reference them in your code: process.env.SAYTICS_SECRET_KEY

Rotating your API keys

To rotate a key without causing downtime:
  1. Create a new key in Settings → API Keys.
  2. Update your application or environment variables to use the new key.
  3. Deploy your changes and verify requests are succeeding.
  4. Revoke the old key from the dashboard.
Creating the new key before revoking the old one ensures your integration remains uninterrupted throughout the rotation.