Authentication

Learn how to generate and use API keys to authenticate requests to the Brewgenix REST API.

The Brewgenix REST API uses long-lived API keys for authentication. Each key is scoped to a single brewery account and grants access to that account's data.

Generating an API Key

Open your brewery account in Brewgenix.
Navigate to Settings → API Keys.
Click Generate API Key.
Enter a descriptive name (e.g. "Home Automation" or "My Brewing App").
Click Generate.

The full key is shown once. Copy it and store it somewhere safe - it cannot be retrieved again. If you lose it, revoke it and generate a new one.

Using Your API Key

Pass the key as a Bearer token in the Authorization header of every request:

Authorization: Bearer bgx_<your-key>

Example with curl

curl https://app.brewgenix.com/api/v1/{account}/hops \
  -H "Authorization: Bearer bgx_<your-key>"

Replace {account} with your brewery's account slug (visible in the URL when you are logged in).

Example with JavaScript (fetch)

const response = await fetch('https://app.brewgenix.com/api/v1/my-brewery/hops', {
  headers: {
    Authorization: 'Bearer bgx_<your-key>',
  },
});

const { data, count } = await response.json();

Revoking an API Key

Navigate to Settings → API Keys, locate the key you want to remove, and click the trash icon. Revoked keys stop working immediately. This action cannot be undone - if you need access again, generate a new key.

Security Notes

Treat your API key like a password. Do not commit it to version control or expose it in client-side code.
Each key is hashed with SHA-256 before storage. Brewgenix never stores the raw key.
Keys do not expire automatically - revoke any key you no longer need.
If you suspect a key has been compromised, revoke it immediately and generate a replacement.