x-api-key header. There are no OAuth flows or bearer tokens to manage — one API key authenticates every endpoint.
How do I get my API key?
- Sign up at app.enrow.io
- Click API in the left menu
- Copy your API key
How do I authenticate a request?
Include your API key in thex-api-key header on every request:
x-api-key header works for every endpoint — Email Finder, Email Verifier, Phone Finder, and Account info.
Why am I getting a 401 error?
A401 Unauthorized response means your API key is missing or invalid.
If the API key is invalid, you’ll receive:
message is instead "No apikey found in the x-api-key headers".
For the complete list of status codes and error formats, see Status codes and Error handling.
How do I check my account and credits?
You can retrieve your account information (credits balance and registered webhooks) using the samex-api-key header — no body payload is needed:
Response
Best practices
Use Environment Variables
Use Environment Variables
Store your API key in environment variables rather than hardcoding it:
Rotate Keys Regularly
Rotate Keys Regularly
For enhanced security, rotate your API keys periodically and revoke unused keys.
Use Different Keys for Different Environments
Use Different Keys for Different Environments
Create separate API keys for development, staging, and production environments.
Next steps
Find an email
Search for a professional email address from a name and company.
Verify an email
Check whether an email address is valid and deliverable.
Credits & billing
See how credits are consumed for each endpoint.
Rate limits
Understand the API request limits before scaling up.

