Branding & integrations
API keys
API keys let an external club website communicate securely with Omoplata. Through the Integration API your website can show your live timetable and pull trial sign-ups straight into your club -- with no manual upkeep.
Navigate to Settings > API keys to manage your keys.
How it works
The Integration API is a server-to-server interface: your website's backend calls the API with the API key -- never the visitor's browser directly. That keeps the key secret on the server.
Visitor's browser
│ (HTML/JS)
▼
External club website (SvelteKit / Nuxt / …)
│ Authorization: Bearer {api_key}
▼
Omoplata Integration API ←→ Club database
Each key belongs to your club only. Typical uses:
| Option | Description |
|---|---|
| Show your timetable | display your club's classes and sessions live on your website. |
| Trial sign-up form | create leads in Omoplata from sign-ups submitted on your website. |
Creating a key
Create a new API key in settings. The plaintext key is shown only once -- right after you create it. Copy it immediately and store it securely in your website's server configuration. Only a hash is stored internally; the key itself cannot be retrieved again later.
Keep keys secret
Never expose an API key in the browser or in client-side code. It belongs only in your website's backend. If a key is ever leaked, revoke it and create a new one.
Revoking a key
You can revoke a key at any time. Afterwards, all requests using that key are rejected -- create a new key and update your website's configuration.
For a full walkthrough of connecting your website, see Integrate with your website.