Skip to main content
To connect to Vayu and get your API credentials, follow these steps:
  1. Log into Vayu at http://app.withvayu.com
  2. Navigate to the Integrations section
  3. Click “Connect” on the Vayu card
A side pane will open with two important fields:
  1. Client ID - Identifies your organization on every request (x-api-key header)
  2. API Token - A long-lived token used to obtain short-lived access tokens via the /login endpoint
Copy the API Token immediately — it won’t be shown again after you close the pane.

How authentication works

Vayu uses a two-token model:
TokenWhere it comes fromLifetimeHow it’s used
API Token (refresh token)Vayu dashboardLong-livedSent to POST /login to get an access token
Access tokenPOST /login response1 hourSent as Authorization: Bearer <token> on every API call
The SDKs handle this exchange automatically — pass your API Token when initializing the client and the SDK calls /login and refreshes the access token as needed.

Important Notes

  • You can only have one active API Token at a time
  • To rotate your API Token: revoke the existing one, then generate a new one from the same place

Using Your Credentials

With the Vayu SDK

The SDKs handle the full token lifecycle — just pass your API key and start making calls. 
import { Vayu } from 'vayu-ts';

const vayu = new Vayu(process.env.VAYU_API_KEY);

// Start using the client — authentication is automatic
const customers = await vayu.customers.list();
For installation and more examples, see the SDK section.

Direct API Usage

Every request needs two headers:
  • x-api-key: <your Client ID>
  • Authorization: Bearer <access token> (obtained from POST /login)
Make sure to keep your Client ID and API Token secure and never expose them in client-side code.

Full example — obtaining and using an access token

# Step 1 — Exchange your API Token for a short-lived access token
ACCESS_TOKEN=$(curl -s -X POST "https://connect.withvayu.com/login" \
  -H "Content-Type: application/json" \
  -H "x-api-key: $VAYU_CLIENT_ID" \
  -d "{\"refreshToken\": \"$VAYU_API_TOKEN\"}" | jq -r '.accessToken')

# Step 2 — Use the access token on subsequent requests
curl "https://connect.withvayu.com/customers" \
  -H "Authorization: Bearer $ACCESS_TOKEN" \
  -H "x-api-key: $VAYU_CLIENT_ID"
Access tokens expire after 1 hour. If using a raw HTTP client, re-call /login when you receive a 401 response. The SDKs handle this automatically.