Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.redem.io/llms.txt

Use this file to discover all available pages before exploring further.

API keys let you call the ReDem API from your own systems. When you create a key, you choose a permission level that defines which endpoints it may call.

Permission levels

You create keys with one of two permission levels:
LevelWhere to use itWhat it can call
PrivateBackend servers, secure automation, and integrations where the key never reaches a browser or end-user deviceAll ReDem API endpoints
PublicBrowser, mobile app, or any client-side integration where the key must be present on the deviceaddRespondent only
Use a public key when your integration cannot keep the key on a server—for example, a script or app that runs directly in the respondent’s browser or on their phone and submits data via addRespondent. Use a private key whenever the request originates from infrastructure you control (your backend, server-side survey tools, ETL jobs, etc.). Private keys unlock the full API (surveys, configuration, retrieval, and addRespondent).
Private API keys must never be embedded in frontend code, shipped in mobile apps, checked into repositories, or shared with third parties. If a private key is exposed—whether in logs, client bundles, or elsewhere—delete that key immediately in ReDem and create a new private key. Treat a leaked private key as compromised.
Public keys are designed to be visible on the client; they still authenticate your company and are subject to rate limits, but they cannot call endpoints other than addRespondent. Any other route requires a private key. In the API reference, each operation’s request body schema includes an Authentication note stating whether a private or public key is allowed.

Create API Key

You can create an API key by following these steps:
To create an API Key, you’ll need a ReDem account. Don’t have an account yet?
Get started by setting up your account.
1

Navigate to manage API Keys

Once you are logged in to ReDem Application, navigate to the API Keys section in your profile.

2

Create an API Key

Click on the “Create API Key” button to generate a new key.Give your API key a clear, descriptive name so you can identify its purpose later, and choose Private (server-side) or Public (browser / client) according to permission levels above.Once you’ve created an API key, copy it and store it somewhere safe. You will not be able to see it again after you leave the screen.
3

Go and connect with ReDem 🚀

Send the key in the api-key header on requests your integration is allowed to make (see your key’s permission level).

api-key: your_api_key_xxx

For submitting respondents from the client, use a public key with the addRespondent endpoint. For all other API calls, use a private key from your backend.

Best practices for API key management:
  • Use separate keys for testing and live surveys
  • Prefer a private key for server-side integrations; use a public key only when the key must live on the client.
  • If any key is compromised or exposed inappropriately, delete it immediately and generate a new one.

Rate limits

All API requests authenticated with api-key are subject to per-key rate limiting.
  • addRespondent:
    • Standard API keys: 1200 requests per minute
    • Premium API keys (configured per client): up to 1600 requests per minute
  • Other endpoints:
    • 1200 requests per minute
If you exceed the limit, you will receive a 429 response: 
{
  "error": "rate_limit_exceeded",
  "message": "This API key exceeded 1200 requests per minute.",
  "statusCode": 429
}