Authentication
Nadi uses two types of keys to authenticate requests and identify your applications.
Key Types
API Key
The API Key authenticates requests to the Nadi API. It's associated with your user account and should be kept secret.
Characteristics:
- Unique to your account
- Used by Shipper to authenticate API requests
- Should never be exposed in client-side code
- Can be regenerated (invalidates old key)
Application Key (App Key)
The Application Key identifies which application the error data belongs to. Each application in Nadi has its own App Key.
Characteristics:
- Unique to each application/project
- Used by SDKs to tag events
- Can be used in client-side code (JavaScript SDK)
- Creates data isolation between projects
Getting Your Keys
Step 1: Create an Account
- Go to nadi.pro
- Sign up for a new account or log in
- Complete the onboarding process
Step 2: Create Your API Key
- Go to API Tokens
- Create a new API token
- Copy your API Key
Keep Your API Key Secret
Your API Key has full access to your account. Never commit it to version control or expose it in client-side code.
Step 3: Create an Application
- From the dashboard, click New Application
- Enter your application name and details
- Open the application page (e.g.,
https://nadi.pro/applications/<your-app-uuid>) - Copy the Application Key from the application details
Step 4: Configure Your Environment
Store your keys securely using environment variables:
# .env file (never commit to git)
NADI_API_KEY=your-api-key-here
NADI_APP_KEY=your-application-key-hereUsing Keys in SDKs
Laravel
The Laravel SDK reads keys from your .env file:
NADI_API_KEY=nadi_api_xxxxxxxxxxxxx
NADI_APP_KEY=nadi_app_xxxxxxxxxxxxxOr configure in config/nadi.php:
return [
'api_key' => env('NADI_API_KEY'),
'app_key' => env('NADI_APP_KEY'),
];PHP
use Nadi\Client;
$client = new Client([
'apiKey' => getenv('NADI_API_KEY'),
'appKey' => getenv('NADI_APP_KEY'),
]);JavaScript
For browser applications, only the App Key is needed:
import { init } from '@nadi-pro/browser'
init({
appKey: 'nadi_app_xxxxxxxxxxxxx',
// API key is NOT used in browser SDK
})JavaScript SDK Security
The JavaScript SDK uses your App Key to identify events. It doesn't require your API Key because browser-side code cannot be secured. The Shipper agent handles API authentication when sending events to Nadi.
WordPress
- Go to Settings → Nadi in WordPress admin
- Enter both keys in the settings form
- Click Save Changes
Shipper
Configure keys in nadi.yaml:
nadi:
apiKey: nadi_api_xxxxxxxxxxxxx
token: nadi_app_xxxxxxxxxxxxx # This is your App KeyKey Rotation
Rotating Your API Key
If your API Key is compromised:
- Go to API Tokens
- Click Regenerate API Key
- Update all Shipper configurations with the new key
- Restart Shipper instances
Immediate Invalidation
Regenerating your API Key immediately invalidates the old key. Update all configurations before regenerating to avoid service interruption.
Rotating Application Keys
Application keys can be rotated per-application:
- Go to the application settings
- Click Regenerate App Key
- Update SDK and Shipper configurations
- Redeploy your application
Security Best Practices
Do
- Store keys in environment variables
- Use separate applications for different environments (dev, staging, prod)
- Rotate keys periodically
- Use secrets management in CI/CD
Don't
- Commit keys to version control
- Share API keys between team members
- Use production keys in development
- Log or print keys in error messages
Environment Separation
Create separate applications for each environment:
| Environment | Application Name | Purpose |
|---|---|---|
| Development | my-app-dev | Local development |
| Staging | my-app-staging | QA and testing |
| Production | my-app-prod | Live environment |
This ensures:
- Development errors don't clutter production data
- Different alert configurations per environment
- Clear separation for debugging
Troubleshooting
"Invalid API Key" Error
- Verify the API key is correct
- Check for extra whitespace
- Ensure the key hasn't been regenerated
- Confirm you're using the right account
"Application Not Found" Error
- Verify the Application Key is correct
- Ensure the application hasn't been deleted
- Check you're using the correct environment's key
Shipper Connection Issues
Test connectivity:
bashcurl -H "Authorization: Bearer YOUR_API_KEY" \ https://nadi.pro/api/healthVerify YAML syntax:
bashshipper --config /path/to/nadi.yaml --validate
Next Steps
- Quick Start - Complete the setup
- Shipper Configuration - Configure the agent
- SDK Documentation - Integrate with your application