Skip to main content

Overview

DeepRecall API uses API key authentication for all requests (except the public /health endpoint). Your API key identifies your account and tracks your usage.

API Key Format

All DeepRecall API keys start with the prefix dr_live_: 
dr_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
The dr_live_ prefix indicates a production API key. Test keys (coming soon) will use dr_test_.

Getting Your API Key

DeepRecall is currently invite-only. Access is granted to qualified organizations working on product safety and compliance.
1

Request Access

Fill out the early access form with your use case and organization details
2

Receive Your API Key

Once approved, you’ll receive your API key via secure email
3

Save Securely

Store your API key in a secure location:
  • Environment variables
  • Secrets manager (AWS Secrets Manager, HashiCorp Vault, etc.)
  • Encrypted configuration
Your API key is shown only once. Never commit it to version control or expose it publicly!

Using Your API Key

Include your API key in the X-API-Key header with every request: 
curl -X GET "https://api.deeprecall.io/v1/recalls/feed" \
  -H "X-API-Key: dr_live_your_api_key_here"

Security Best Practices

Never commit API keys to version control. Use environment variables or a secrets manager.
.env
DEEPRECALL_API_KEY=dr_live_your_api_key_here
Load from environment
import os

api_key = os.getenv("DEEPRECALL_API_KEY")
Generate separate API keys for:
  • Development - For local testing
  • Staging - For pre-production testing
  • Production - For live applications
This lets you rotate keys without affecting other environments.
For security, rotate your API keys periodically:
  1. Contact us to request a new API key
  2. Update your application with the new key
  3. Test thoroughly
  4. Confirm the old key can be revoked
Monitor your API usage by checking the rate_limit field in each API response:
  • monthly_usage - Your current month’s API calls
  • remaining_credits - Credits remaining in your quota
  • monthly_quota - Your total monthly allocation
Contact us for detailed usage reports or alerts.
Never use your API key in:
  • Frontend JavaScript
  • Mobile apps
  • Public repositories
Always proxy requests through your backend server.

API Key Permissions

Each API key has associated permissions based on your account:

Data Source Access

Your API key is authorized for specific data sources based on your account configuration:
Check your authorized sources
curl -X GET "https://api.deeprecall.io/v1/recalls/sources" \
  -H "X-API-Key: dr_live_your_api_key_here"
Trying to access unauthorized data sources will return a 403 Forbidden error.

Custom Endpoints

Some clients have access to custom data formats (e.g., /v1/recalls/feed/shein). These require special authorization in your account.
Contact us to discuss custom data formats:
[email protected]

Authentication Errors

Invalid API Key (401)

{
  "detail": {
    "error": "invalid_api_key",
    "message": "Invalid or missing API key",
    "help": "Provide a valid API key using the X-API-Key header..."
  }
}
Common causes:
  • Missing X-API-Key header
  • Incorrect API key format
  • Deleted or revoked API key
  • Expired API key (if applicable)

Unauthorized Access (403)

{
  "detail": {
    "error": "unauthorized_data_sources",
    "message": "You don't have access to the requested data sources",
    "details": {
      "requested": ["us_fda"],
      "authorized": ["us_cpsc", "uk_opss"]
    }
  }
}
Solution: Check your authorized data sources or contact us to request additional access.

Quota Exceeded (429)

{
  "detail": {
    "error": "quota_exceeded",
    "message": "Monthly API quota exceeded",
    "details": {
      "quota": 50000,
      "usage": 50000
    }
  }
}
Solution: Wait until next month for quota reset or contact us to request additional quota.

Managing API Keys

Revoke a Key

Revoked keys cannot be restored. Any requests using a revoked key will fail immediately.
Contact us immediately to revoke and replace your key:
[email protected]

Request Additional Keys

Need separate keys for dev, staging, production? Contact us:
[email protected]

Rate Limits

All API keys have standard rate limits:
  • 60 requests per minute
  • 1,000 requests per hour
  • 10,000 requests per day
  • 50,000 requests per month
Contact us for custom quotas:
[email protected]
Learn more about rate limits →

Need Help?

For API key issues, access requests, or questions:
[email protected]