Skip to main content

Overview

All Brew SDK requests require authentication using an API key. The SDKs send your API key in the X-API-Key header with every request.

Getting Your API Key

1

Open Settings

In Brew, navigate to Settings → API from the sidebar.
2

Generate a Key

Click Generate Key and give it a descriptive name like “Production App” or “Development”.
3

Copy and Store

Copy your API key immediately. For security reasons, you won’t be able to see the full key again.
Keep your API key secure. Never share it publicly, commit it to version control, or use it in client-side code. Always store API keys in environment variables or a secrets manager.

Setting Up Authentication

The simplest and most secure way to configure your API key is through environment variables. Both SDKs automatically read from BREW_SDK_API_KEY. 
# Add to your .env file or shell profile
export BREW_SDK_API_KEY="your_api_key_here"

import BrewSDK from 'brew-sdk';

// Automatically uses BREW_SDK_API_KEY from environment
const client = new BrewSDK();

Explicit Configuration

You can also pass the API key directly when creating the client: 
import BrewSDK from 'brew-sdk';

const client = new BrewSDK({
  apiKey: 'your_api_key_here',
});
If you pass apiKey explicitly, it takes precedence over the environment variable.

Environment Variables

Both SDKs support these environment variables:
VariableDescriptionDefault
BREW_SDK_API_KEYYour Brew API keyNone (required)
BREW_SDK_BASE_URLOverride the API base URLhttps://brew.new/api
BREW_SDK_LOGLog level (debug, info, warn, error, off)warn

Example .env File

# .env
BREW_SDK_API_KEY=brew_xxxxxxxxxxxxxxxxxxxxx
BREW_SDK_LOG=debug  # Optional: enable debug logging
Use a package like dotenv to load environment variables:
import 'dotenv/config';
import BrewSDK from 'brew-sdk';

const client = new BrewSDK();

Verifying Your API Key

You can verify your API key is working by making a simple API call: 
import BrewSDK from 'brew-sdk';

const client = new BrewSDK();

try {
  // Try to get API documentation (a simple read-only call)
  const docs = await client.send.transactional.documentation();
  console.log('API key is valid!');
} catch (error) {
  if (error instanceof BrewSDK.AuthenticationError) {
    console.error('Invalid API key');
  } else {
    throw error;
  }
}

Security Best Practices

Add .env to your .gitignore file:
# .gitignore
.env
.env.local
.env.*.local
Generate separate API keys for development, staging, and production. This limits the blast radius if a key is compromised.
Regularly rotate your API keys, especially if team members leave or you suspect a key may have been exposed.
For production deployments, use a secrets manager like:
  • AWS Secrets Manager
  • Google Cloud Secret Manager
  • HashiCorp Vault
  • Doppler
API keys should only be used in server-side code. If you need to make API calls from a frontend, route them through your backend.

Troubleshooting

”Could not resolve authentication method” Error

This error occurs when no API key is provided. Make sure:
  1. The BREW_SDK_API_KEY environment variable is set
  2. Or you’re passing apiKey when creating the client
// Check if the environment variable is set
console.log('API Key exists:', !!process.env.BREW_SDK_API_KEY);

401 Unauthorized Response

If you receive a 401 error:
  1. Verify your API key is correct (no extra spaces or characters)
  2. Check that the key hasn’t been revoked in the Brew dashboard
  3. Ensure you’re using the correct format (just the key, not Bearer prefix)

Need Help?

Our team is ready to support you at every step of your journey with Brew. Choose the option that works best for you:

Search Documentation

Type in the “Ask any question” search bar at the top left to instantly find relevant documentation pages.

ChatGPT/Claude Integration

Click “Open in ChatGPT” at the top right of any page to analyze documentation with ChatGPT or Claude for deeper insights.