Authentication

All API requests require an API key sent in the Authorization header.

Getting an API key

Log in to app.journeybee.io
Go to Settings > API Keys
Click Create API Key
Choose permissions:
- Read — access to GET endpoints
- Write — access to POST, PATCH, and DELETE endpoints
Copy the key immediately — it won’t be shown again

Using your API key

Include the key in the Authorization header using either format:

# Bearer format (recommended)
curl https://api.journeybee.io/v1/partners \
  -H "Authorization: Bearer YOUR_API_KEY"

# Api-Key format (also supported)
curl https://api.journeybee.io/v1/partners \
  -H "Authorization: Api-Key YOUR_API_KEY"

Permissions

Permission	Access
Read	`GET` endpoints — list and retrieve resources
Write	`POST`, `PATCH`, `DELETE` endpoints — create, update, and delete resources

A key with only Read permission will receive a 403 Forbidden response on write operations.

Rate limits

Requests are rate-limited to 500 requests per minute per API key. Exceeding this returns a 429 Too Many Requests response with a Retry-After header.

Error responses

Missing or invalid API key:

{
  "error": {
    "code": "unauthorized",
    "message": "Authorization header is required"
  }
}

Insufficient permissions:

{
  "error": {
    "code": "forbidden",
    "message": "Write access is required"
  }
}

​Authentication

​Getting an API key

​Using your API key

​Permissions

​Rate limits

​Error responses