Authentication & security
API Keys
Section titled “API Keys”Find your API key in:
Dashboard → Settings → API Keys
You can include it as either:
Authorization: Bearer YOUR_API_KEYX-Dispatcher-API-Key: YOUR_API_KEY
Webhook Verification
Section titled “Webhook Verification”For platforms that support request signing (including Retell and Vapi), Dispatcher verifies webhook signatures before processing requests.
Security Best Practices
Section titled “Security Best Practices”- Keep API keys out of source control
- Rotate keys immediately if exposed
- Use HTTPS endpoints only
- Use separate keys for staging and production
- Add idempotency identifiers (such as call IDs) to prevent duplicate dispatches