Client-Side API Keys Developer Guide
Overview
Repliers now supports client-side API keys, enabling faster search performance and simplified implementation by allowing direct API calls from your frontend applications. This approach eliminates the need for server-side proxying while maintaining security through our API firewall that automatically scans IP addresses and traffic patterns. You can read more about this feature in our blog.
Key Benefits
Performance Improvements: Direct client-to-API communication reduces latency by eliminating the server middleware layer, resulting in significantly faster search responses.
Simplified Architecture: Remove the complexity of server-side API proxying and authentication handling from your backend infrastructure. This is particularly beneficial for modern frontend applications, rapid prototyping, and "vibe coded" applications where developers prioritize quick iteration and direct implementation over complex backend architectures. Server-side proxies aren't commonly used in these development approaches.
Enhanced User Experience: Faster search results improve user engagement and application responsiveness.
Security Model
Client-side API keys are protected by our advanced security infrastructure:
- API Firewall Protection: Automatic IP address scanning and traffic pattern analysis detects and blocks suspicious activity
- Domain Configuration: Optional additional layer where you can specify allowed domains for your API key
- Safe Client-Side Usage: Keys can be embedded in client-side code since the primary security relies on our firewall systems
Getting Started
Step 1: Generate a Client-Side API Key
- Navigate to the Repliers Developer Portal
- Go to API Keys section
- Click Create New Key
- Select Client-Side as the key type
- Configure your allowed domains
- Save and copy your new API key
Step 2: Configure Base URL and Implementation
When using client-side API keys, you must use the client-side API base URL https://csr-api.repliers.io
instead of the standard https://api.repliers.com
endpoint.
Make direct client-side requests to the Repliers API, including your client-side API key in the request parameters. You can use this approach alongside existing server-side implementations when needed for other functionality.
Important: Not all API endpoints are available for client-side use. Endpoints that return sensitive information (such as clients and agents endpoints) should continue to use server-side proxies with regular API keys to protect sensitive data.
Security Considerations
- Environment Management: Use different API keys for development, staging, and production
- Key Rotation: Periodically rotate your API keys as part of security best practices
Need Help?
For questions about client-side API keys please reach out to our support team.
Updated on: 02/07/2025
Thank you!