API keys automatically expire after 90 days of inactivity (not interacting with our API or listening to webhooks).

API

Guilds API uses API Key authentication. Each guild has its own unique API Key and App ID, which must be included in the request headers. To authenticate, include the following headers in your requests. 
Guilds-Api-Key : YOUR_API_KEY
Guilds-App-Id  : YOUR_APP_ID
Your API key can be accessed and re-generated from your server webhook page
All API requests must be made over HTTPS.

Webhooks

Webhooks use a separate token for verifying that requests are genuinely from us. To confirm the authenticity of a webhook request, check the Authorization header and ensure it matches the webhook token provided on the webhooks page when editing your server.