Best Practices

This guide contains the best practices for using Murf API. These practices will help you get the most out of the API and ensure that your applications are performant, reliable, and secure.

API keys are used to authenticate requests to the Murf API. It is important to keep your API keys secure to prevent unauthorized access to your account and data. Here are some best practices for keeping your API keys safe:

Never deploy your key in client-side environments like browsers or mobile apps.

If API keys are stored on the client side, they may be exposed to malicious actors - who can use them to make unauthorized requests on your behalf. This will result in unexpected charges and potential data breaches. When writing Murf API logic in client-side code, you can use a server-side application that generates a token for the client to use. The requests from the client can then be authenticated using this token.

Store your API keys as environment variables

To keep your API keys secure, store them as environment variables in your application. This will prevent you from accidentally exposing your keys in your codebase.

$# Export an environment variable on macOS or Linux systems
>export MURF_API_KEY="your_api_key_here"

Alternatively you can use a key management service to securely store and manage your API keys.

Monitor your API usage

Regularly monitor your API usage to detect any unusual activity from your usage dashboard. If you notice any unexpected spikes in usage, it may indicate that your API key has been compromised. In such cases, you should immediately revoke the key and generate a new one. Rotate your API keys regularly to minimize the risk of unauthorized access.

Built with