Authentication

Learn how to authenticate your API requests to Magnetite

API Key Authentication

Magnetite uses API keys to authenticate requests. You can find your API key in your project settings.

Keep your API key secure

Your API key carries the same privileges as your account, so keep it secure! Do not share it in publicly accessible areas such as GitHub, client-side code, etc.

Getting Your API Key

Log in to your Magnetite dashboard
Select the project you want to use
Navigate to Settings → API & Integrations
Click Generate API Key if you haven't already
Copy your API key

Important

API keys are only shown once when created. If you lose your key, you'll need to generate a new one.

Using Your API Key

Include your API key in the Authorization header as a Bearer token:

curl https://magnetite.ai/api/projects/generate \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"

Examples in Different Languages

JavaScript (Axios)

const headers = {
  'Authorization': 'Bearer YOUR_API_KEY',
  'Content-Type': 'application/json'
};

axios.post('https://magnetite.ai/api/projects/generate', data, { headers })

Python (Requests)

headers = {
    'Authorization': 'Bearer YOUR_API_KEY',
    'Content-Type': 'application/json'
}

response = requests.post(
    'https://magnetite.ai/api/projects/generate',
    json=data,
    headers=headers
)

PHP

$headers = [
    'Authorization: Bearer YOUR_API_KEY',
    'Content-Type: application/json'
];

$ch = curl_init('https://magnetite.ai/api/projects/generate');
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));

Testing Authentication

You can test your authentication by making a simple status check request:

curl https://magnetite.ai/api/health \
  -H "Authorization: Bearer YOUR_API_KEY"

A successful response will return:

{
  "status": "ok",
  "authenticated": true
}

Error Responses

If authentication fails, you'll receive one of these error responses:

Missing API Key

{
  "success": false,
  "error": {
    "code": "MISSING_AUTH_HEADER",
    "message": "Authorization header is required"
  }
}

Invalid API Key

{
  "success": false,
  "error": {
    "code": "INVALID_API_KEY",
    "message": "The provided API key is invalid"
  }
}

Expired API Key

{
  "success": false,
  "error": {
    "code": "API_KEY_EXPIRED",
    "message": "This API key has expired. Please generate a new one."
  }
}

Best Practices

Store API keys in environment variables, not in your code
Use different API keys for development and production
Rotate your API keys regularly
Never expose API keys in client-side code
Use HTTPS for all API requests
Monitor your API usage in the dashboard

Next Steps

Now that you understand authentication, learn how to generate lead magnets.

Generate Lead Magnets →