Authentication Guide

Learn how to authenticate and authorize requests to the ContactList API.

API Keys

ContactList uses API keys to authenticate requests. You can view and manage your API keys in the dashboard.

Creating an API Key

• Log in to your ContactList dashboard
• Navigate to Settings → API Keys
• Click "Create New API Key"
• Give your key a descriptive name
• Copy the key immediately (you won't be able to see it again)

Security Tip: Never commit API keys to version control. Always use environment variables or secure secret management tools.

Using API Keys

Include your API key in the Authorization header of every request:

cURL Example

curl -X GET https://api.contactlist.io/v1/contacts \
  -H "Authorization: Bearer YOUR_API_KEY"

JavaScript Example

fetch('https://api.contactlist.io/v1/contacts', {
  headers: {
    'Authorization': 'Bearer YOUR_API_KEY'
  }
})
  .then(response => response.json())
  .then(data => console.log(data));

Python Example

import requests

headers = {
    'Authorization': 'Bearer YOUR_API_KEY'
}

response = requests.get(
    'https://api.contactlist.io/v1/contacts',
    headers=headers
)

print(response.json())

Key Permissions

When creating an API key, you can set specific permissions:

• Read: Allows reading contacts and data
• Write: Allows creating and updating contacts
• Delete: Allows deleting contacts
• Admin: Full access to all operations

Key Rotation

For security best practices, rotate your API keys regularly:

• Create a new API key
• Update your applications to use the new key
• Verify everything is working
• Delete the old API key

Security Best Practices

• Never share your API keys
• Use different keys for different applications
• Rotate keys regularly
• Monitor key usage in the dashboard
• Revoke compromised keys immediately

Next Steps

Now that you understand authentication, check out our API Reference to see what you can do with the API.