| title | Authentication |
|---|---|
| description | How to authenticate Request Network API calls with API keys or Client ID |
Request Network API supports two authentication modes:
x-api-keyfor server-side integrationsx-client-idfor browser/client integrations (withOriginheader)
Use this page as the canonical auth reference. For credential creation and webhook setup in the portal, see API Portal: Manage API Keys and Webhooks.
| Method | Best for | Header(s) |
|---|---|---|
| API Key | Backend services, cron jobs, trusted server environments | x-api-key |
| Client ID | Browser/front-end calls where client auth is required | x-client-id (+ Origin) |
Use API keys for backend calls.
curl -X GET 'https://api.request.network/v2/request/{requestId}' \
-H 'x-api-key: YOUR_API_KEY'Use Client ID when your integration needs browser-side authentication flow.
curl -X GET 'https://api.request.network/v2/request/{requestId}' \
-H 'x-client-id: YOUR_CLIENT_ID' \
-H 'Origin: https://your-app.example'x-api-key: API key used for server-side authx-client-id: Client identifier used for client-side authOrigin: required with Client ID flows in browser contexts
- Missing auth header
- Invalid/expired API key or client ID
- Credentials are valid but not allowed for the requested operation
- Client ID is revoked or restricted
- Request rate exceeded for your credentials
- Keep API keys server-side and out of frontend bundles
- Store credentials in environment variables or secret managers
- Rotate compromised credentials immediately
- Verify webhook signatures independently (webhook signing uses a separate secret)