API Key Authentication
The Pure API v2 uses API key authentication for all requests. You’ll need to include your API key in the x-api-key header with every request.
Getting Your API Key
To obtain an API key for the v2 API:
- Contact our support team at [email protected]
- Provide details about your application and intended use case
- Once approved, you’ll receive your API key
Using Your API Key
Include your API key in the x-api-key header of all requests:
curl -H "x-api-key: your-api-key-here" \
https://api.collectpure.com/v1/products
Example Request
Here’s a complete example of an authenticated request:
curl -X GET \
-H "x-api-key: your-api-key-here" \
-H "Content-Type: application/json" \
https://api.collectpure.com/v1/products
Testing Your API Key
You can test if your API key is working by making a request to any protected endpoint. If your key is valid, you’ll receive the requested data. If invalid, you’ll receive a 401 Unauthorized response.
Security Best Practices
Keep your API key secure and never expose it in client-side code or public repositories.
- Store your API key in environment variables
- Use HTTPS for all API requests
- Rotate your API key regularly
- Monitor your API usage for any suspicious activity
Error Responses
If authentication fails or an error occurs, you’ll receive a JSON response with the following format:
401 Unauthorized (Invalid API Key):
{
"error": "Unknown API key: {KEY THAT WAS SENT}",
"code": 401,
"suggestion": "Please check your API key and try again"
}
{
"error": "Internal Server Error",
"code": 500,
"suggestion": "Please try again later. If the problem persists, please contact support."
}
401 Unauthorized: Invalid or missing API key403 Forbidden: Valid API key but insufficient permissions500 Internal Server Error: Server-side error occurred
Support
If you need help with authentication or have questions about your API key, please contact our support team at [email protected].