Authentication

How to authenticate with the postcore API

Authentication

All postcore API requests require authentication using an API key.

Getting an API Key

  1. Sign in to your dashboard
  2. Click "Create API Key"
  3. Give it a descriptive name (e.g., "Production", "Development")
  4. Copy the key immediately (it won't be shown again)

Using Your API Key

Include your API key in the x-api-key header with every request:

curl https://api.postcore.dev/profiles \
  -H "x-api-key: your_api_key_here"
fetch("https://api.postcore.dev/profiles", {
  headers: {
    "x-api-key": process.env.POSTCORE_API_KEY,
    // ... other headers
  },
  // ... other options
});

Security Best Practices

  • Never commit API keys to version control
  • Use environment variables to store keys
  • Rotate keys regularly (every 90 days recommended)
  • Delete unused keys immediately
  • Use separate keys for development and production

Managing Keys

Creating: Click "Create API Key" in your dashboard and provide a name.

Deleting: Click the delete icon next to any key. Deleted keys stop working immediately.

Rotating: Create a new key → Update your app → Test → Delete the old key.

Error Responses

Missing API Key

{
  "error": "MISSING_API_KEY",
  "message": "API key is required in x-api-key header"
}

Status Code: 401 Unauthorized

Invalid API Key

{
  "error": "INVALID_API_KEY",
  "message": "Invalid API key"
}

Status Code: 401 Unauthorized

Quick Start

Get started with postcore in 5 minutes

Overview

Manage your connected social media profiles

On this page

AuthenticationGetting an API KeyUsing Your API KeySecurity Best PracticesManaging KeysError ResponsesMissing API KeyInvalid API Key