We Built a Public API With Test/Live Key Isolation. Here's How It Works Under the Hood.

1 / 2

We Built a Public API With Test/Live Key Isolation. Here's How It Works Under the Hood.

DEV Community·Eugen·about 1 month ago

#91p9sWH5

#why #api #fullscreen #test #products #live

Reading 0:00

15s threshold

Most API platforms give you test keys and live keys. Stripe does it. Twilio does it. It feels like magic - you test against a sandbox, flip to production, and nothing leaks. We just shipped a Public REST API for PaperLink - a document sharing and analytics platform. Our test/live isolation uses the simplest possible architecture: one boolean column in the same table. No separate databases, no shadow schemas, no data duplication. Here's how it works, why it's safe, and what the actual requests look like. The two keys When you create an API key in PaperLink, you pick a mode: Live - operates on production data Test - operates on an isolated sandbox The keys look different on purpose: Live: pk_live_AbC123XyZ789... Test: pk_test_xyZ987AbC321... Enter fullscreen mode Exit fullscreen mode You see which one you're using before you paste it anywhere. What "isolation" actually means Test and live products live in the same Postgres table.…

Continue reading — create a free account

Join HashtagPLUS to read full articles, follow hashtags, vote, and join the conversation.

Create free account Log in

Menu

We Built a Public API With Test/Live Key Isolation. Here's How It Works Under the Hood.