> For the complete documentation index, see [llms.txt](https://docs.envio.dev/llms.txt).

import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";

# API Tokens for HyperSync

## Overview

API tokens provide authenticated access to HyperSync services, enabling enhanced capabilities and usage tracking.

HyperSync implements **rate limits for requests without API tokens**. API tokens will be required from **3 November 2025**. Indexers deployed to Envio Cloud will have special access to HyperSync that does not require a custom API token.

## Table of Contents

- [Generating API Tokens](#generating-api-tokens)
- [Implementation Guide](#implementation-guide)
- [Security Best Practices](#security-best-practices)

## Generating API Tokens

You can generate API tokens through the Envio Dashboard:

1. Visit [https://envio.dev/app/api-tokens](https://envio.dev/app/api-tokens)
2. Sign in to your account (or create one if you don't have one)
3. Follow the prompts to create a new token
4. Copy and securely store your token

## Implementation Guide

To use an API token, pass it as a `bearer_token` when creating a HyperSync client:

<Tabs>
  <TabItem value="typescript" label="TypeScript/JavaScript">

```typescript
const client = new HypersyncClient({
  url: "https://eth.hypersync.xyz",
  apiToken: process.env.ENVIO_API_TOKEN!,
});
```

  </TabItem>
  <TabItem value="python" label="Python">

```python
client = hypersync.HypersyncClient(hypersync.ClientConfig(
    url="https://eth.hypersync.xyz",
    bearer_token=os.environ.get("ENVIO_API_TOKEN")
))
```

  </TabItem>
  <TabItem value="rust" label="Rust">

```rust
let client = Client::new(ClientConfig {
    api_token: std::env::var("ENVIO_API_TOKEN").expect("ENVIO_API_TOKEN must be set"),
    ..Default::default()
}).unwrap()
```

  </TabItem>
</Tabs>

## Understanding Usage

To understand your current month's usage, visit [https://envio.dev/app/api-tokens](https://envio.dev/app/api-tokens). Usage is composed of two main components:

- **Number of Requests**: The total count of API requests made.
- **Credits**: A comprehensive calculation that takes into account multiple factors including data bandwidth, disk read operations, and other resource utilization metrics. This provides the most accurate representation of actual service usage. We're happy to provide more detailed breakdowns of the credit calculation upon request.

## Security Best Practices

When working with API tokens:

- **Never commit tokens to git repositories**
- **Use environment variables** to store tokens instead of hardcoding
- **Add token files like `.env` to your `.gitignore**
- **Rotate tokens periodically** for enhanced security
- **Limit token sharing** to only those who require access

```bash
# Example .env file
ENVIO_API_TOKEN=your_secret_token_here
```

This approach keeps your tokens secure while making them available to your application at runtime.