Skip to main content

API Key Authentication

Enrow API uses API key authentication. All requests must include your API key in the x-api-key header.

Getting Your API Key

  1. Sign up at app.enrow.io
  2. Click API in the left menu
  3. Copy your API key
Keep your API key secure and never commit it to version control. Treat it like a password.

Making Authenticated Requests

Include your API key in the x-api-key header for every request: 
curl --request POST \
  --url https://api.enrow.io/email/find/single \
  --header 'Content-Type: application/json' \
  --header 'x-api-key: YOUR_API_KEY' \
  --data '{
    "company_domain": "example.com",
    "first_name": "John",
    "last_name": "Doe"
  }'

Authentication Errors

If your API key is missing or invalid, you’ll receive a 401 Unauthorized response: 
{
  "error": "Unauthorized",
  "message": "Invalid or missing API key",
  "status": 401
}

Account Information

You can retrieve your account information (credits balance, registered webhooks) from the API key provided in the x-api-key header: 
curl https://api.enrow.io/account/info \
  -H "x-api-key: YOUR_API_KEY"
Response
{
  "credits": 8500,
  "webhooks": ["https://your-app.com/webhooks/enrow"]
}
No body payload is needed — the account information is retrieved from the API key.

Best Practices

Store your API key in environment variables rather than hardcoding it:
export ENROW_API_KEY="your_api_key_here"
For enhanced security, rotate your API keys periodically and revoke unused keys.
Create separate API keys for development, staging, and production environments.