klaviyo-security-basics

Featured

Apply Klaviyo security best practices for API key management and access control. Use when securing API keys, configuring OAuth scopes, implementing webhook signature verification, or auditing Klaviyo security configuration. Trigger with phrases like "klaviyo security", "klaviyo secrets", "secure klaviyo", "klaviyo API key security", "klaviyo OAuth".

AI & Automation 2,266 stars 315 forks Updated today MIT

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Klaviyo Security Basics ## Overview Security best practices for Klaviyo: API key types, OAuth scopes, webhook HMAC-SHA256 signature verification, and secret rotation procedures. ## Prerequisites - Klaviyo account with API key access - Understanding of environment variables and secret management - Access to Klaviyo dashboard (Settings > API Keys) ## Instructions ### Step 1: Understand Key Types | Key Type | Format | Use Case | Sensitivity | |----------|--------|----------|-------------| | Private API Key | `pk_*` (40+ chars) | Server-side REST API | **CRITICAL** -- never expose client-side | | Public API Key | 6 alphanumeric chars | Client-side Track/Identify only | Low -- safe in browser JS | Private keys authenticate via `Authorization: Klaviyo-API-Key pk_***` header. Public keys pass as `company_id` query parameter. ### Step 2: Environment Variable Configuration ```bash # .env (NEVER commit) KLAVIYO_PRIVATE_KEY=pk_*************************************** KLAVIYO_PUBLIC_KEY=UXxxXx KLAVIYO_WEBHOOK_SIGNING_SECRET=whsec_************************* # .gitignore -- mandatory entries .env .env.local .env.*.local ``` ```typescript // src/config/klaviyo.ts -- validated config loader function requireEnv(name: string): string { const value = process.env[name]; if (!value) throw new Error(`Missing required env: ${name}`); return value; } export const klaviyoConfig = { privateKey: requireEnv('KLAVIYO_PRIVATE_KEY'), publicKey: process.env.KLAVIYO_PUBLIC_KEY || '', ...

Details

Author
jeremylongshore
Repository
jeremylongshore/claude-code-plugins-plus-skills
Created
7 months ago
Last Updated
today
Language
Python
License
MIT

Integrates with

Anthropic · AI REST API · API

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

elevenlabs-security-basics

Apply ElevenLabs security best practices for API keys, webhook HMAC validation, and voice data protection. Use when securing API keys, validating webhook signatures, or auditing ElevenLabs security configuration. Trigger: "elevenlabs security", "elevenlabs secrets", "secure elevenlabs", "elevenlabs API key security", "elevenlabs webhook signature", "elevenlabs HMAC".

2,266 Updated today
jeremylongshore
AI & Automation Featured

klaviyo-install-auth

Install and configure Klaviyo Node.js SDK with API key authentication. Use when setting up a new Klaviyo integration, configuring API keys, or initializing the klaviyo-api package in your project. Trigger with phrases like "install klaviyo", "setup klaviyo", "klaviyo auth", "configure klaviyo API key", "klaviyo SDK setup".

2,266 Updated today
jeremylongshore
AI & Automation Featured

apollo-security-basics

Apply Apollo.io API security best practices. Use when securing Apollo integrations, managing API keys, or implementing secure data handling. Trigger with phrases like "apollo security", "secure apollo api", "apollo api key security", "apollo data protection".

2,266 Updated today
jeremylongshore
AI & Automation Featured

clay-security-basics

Apply Clay security best practices for API keys, webhook secrets, and data access control. Use when securing Clay integrations, rotating API keys, auditing access, or implementing webhook authentication. Trigger with phrases like "clay security", "clay secrets", "secure clay", "clay API key security", "clay webhook security".

2,266 Updated today
jeremylongshore
AI & Automation Featured

documenso-security-basics

Implement security best practices for Documenso document signing integrations. Use when securing API keys, configuring webhooks securely, or implementing document security measures. Trigger with phrases like "documenso security", "secure documenso", "documenso API key security", "documenso webhook security".

2,266 Updated today
jeremylongshore