Skip to main content

API Keys

All API requests require authentication using an API key. Include your key in the Authorization header using the Bearer scheme.

Authentication Header

Authorization: Bearer dpl_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

API Key Format

Doppel API keys follow a specific format:
PrefixEnvironmentExample
dpl_live_Productiondpl_live_abc123xyz789...
dpl_test_Testing/Sandboxdpl_test_abc123xyz789...

Making Authenticated Requests

curl -X GET "https://api.getdoppel.ai/api/v1/clinics" \
  -H "Authorization: Bearer dpl_live_YOUR_API_KEY"

Scopes

API keys have specific scopes that determine what resources they can access:
ScopeDescription
interactions:readRead interaction data (calls, conversations)
metrics:readAccess aggregated metrics and analytics
campaigns:readView campaign information
clinics:readList clinic details
By default, API keys are created with all read scopes enabled. Contact your account manager if you need to modify scopes.

Clinic Restrictions

API keys can optionally be restricted to specific clinics. When restricted:
  • The key can only access data for the specified clinics
  • Requests for other clinics will return empty results
  • This is useful for multi-location integrations

Security Best Practices

Treat your API key like a password. Never expose it publicly.

Do’s

  • Store API keys in environment variables
  • Use server-side code to make API calls
  • Rotate keys periodically
  • Use separate keys for development and production

Don’ts

  • Never commit API keys to version control
  • Never expose keys in client-side JavaScript
  • Never share keys via email or chat
  • Never use production keys for testing

Error Responses

Missing Authorization Header

{
  "success": false,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Missing Authorization header. Expected: Bearer <api_key>"
  },
  "request_id": "...",
  "timestamp": "..."
}

Invalid API Key

{
  "success": false,
  "error": {
    "code": "INVALID_API_KEY",
    "message": "Invalid API key"
  },
  "request_id": "...",
  "timestamp": "..."
}

Expired API Key

{
  "success": false,
  "error": {
    "code": "API_KEY_EXPIRED",
    "message": "API key has expired"
  },
  "request_id": "...",
  "timestamp": "..."
}

Getting an API Key

To obtain an API key:
  1. Contact your Doppel account manager
  2. Specify your use case and required scopes
  3. Receive your key via secure channel
  4. Store it securely and start integrating!