Authentication

MockAfrica uses API keys for authenticated access. The Sandbox tier is always free - no account needed. Anonymous requests are rate-limited to 100 requests per day per IP address.

Getting a key

No passwords. Enter your email, click the link we send, and your key is waiting on the dashboard. The whole flow takes under a minute.

Get your free API key →

Using your key

Pass the key in the X-API-Key header on every request. Requests without a key are served at the Sandbox rate limit.

curl https://api.mockafrica.com/v1/person \
  -H "X-API-Key: mfa_builder_<your_key>"

Key format

Keys follow the format mfa_<tier>_<random>, for example:

mfa_builder_X7kP2mNqR8vLwYjA...

The raw key is shown exactly once - when you first verify your email. Copy it immediately. If you lose it, rotate your key from the dashboard to generate a new one. Only a hash of the key is ever stored on our servers.

Key rotation

You can rotate your key from the dashboard at any time. The old key stops working immediately. Rotation is instant.

Error responses

An invalid or missing key on a protected endpoint returns:

HTTP/1.1 401 Unauthorized
{
  "error":  "invalid or missing API key",
  "code":   "INVALID_API_KEY",
  "status": 401
}