All API requests require an API key passed via the Authorization header using the Bearer scheme.
Authorization: Bearer YOUR_API_KEY
Creating a key
- Go to encrata.com/api-keys
- Click Create Key
- Copy the key — it’s only shown once
Key behavior
| Behavior | Detail |
|---|
| Format | Opaque string |
| Scope | Tied to your user account |
| Revocation | Instant — revoked keys are rejected immediately |
| Usage tracking | Every request is logged with credits consumed and response time |
Example request
curl -X POST https://encrata.com/api/agent/lookup \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"email": "test@example.com"}'
Error responses
If authentication fails, the API returns:
Standard endpoints:
{
"error": "Unauthorized"
}
{
"c": 401,
"m": "bad key"
}
Keep your API key secret. Do not commit it to version control or expose it in client-side code.
