API Key: Your credential for the BunnyBuild API. It identifies your account and authorizes requests. IMPORTANT: Without a valid API key, requests will be rejected with 401 Unauthorized.

How authentication works

Security check endpoints (POST /email/check and POST /ip/check) use API key authentication only.
HeaderRequiredValue
X-API-KeyYesYour API key (starts with sec4_)
Content-TypeYesapplication/json
AcceptRecommendedapplication/json

Where to send the key

All requests go to the same base URL (https://api.bunny.build/api/v1). The environment or plan is determined by the API key you use.

Authentication errors

The API returns HTTP 401 when:
  • The API key is missing from the header
  • The key is invalid
  • The key has been revoked

Getting an API key

  1. Sign in to the BunnyBuild Dashboard
  2. Complete your profile if prompted
  3. Create an API token and copy it — it is shown only once
  4. Store the key in a secure place (e.g. environment variables or a secrets manager)

Security best practices

  • Store keys in environment variables or a secrets manager
  • Never commit API keys to version control or expose them in client-side code
  • BunnyBuild will never ask for your key
  • Revoke any key that may have been compromised

Example

curl -X POST https://api.bunny.build/api/v1/email/check \
  -H "X-API-Key: sec4_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{"email": "[email protected]"}'

Error responses

StatusMeaning
401Missing or invalid API key. Include a valid X-API-Key header.
402Quota exceeded. Upgrade your plan or wait for the next period.
403Account deactivated. Contact support.