Authorization
All GrowForMe APIs require authorization. Unauthorized requests will be rejected with a 401 Unauthorized response.
GrowForMe supports multiple authorization methods to secure your API requests. Choose the method that best fits your integration needs.
API Key Authorization
API Key is the simplest form of authorization for GrowForMe APIs. You'll receive a unique API key upon registration.
How to use
Include your API key in the X-API-Key header of each request.
Host: api.growforme.com
X-API-Key: your_api_key_hereSecurity Considerations
- Keep your API key secret and secure.
- Rotate your API key periodically for enhanced security.
- Use environment variables to store API keys in your application.
You can manage your API keys in the GrowForMe Dashboard (opens in a new tab).
Best Practices
- Use HTTPS: Always use HTTPS to encrypt all API communications.
- Least Privilege: Only request the permissions your application needs.
- Token Storage: Store tokens securely, preferably in environment variables or secure key stores.
- Error Handling: Implement proper error handling for authorization failures.
- Audit Logging: Log authentication events for security monitoring.
Rate Limiting
API requests are subject to rate limiting. Exceeding the limit will result in a 429 Too Many Requests response.
For more information on rate limits and best practices, see our Rate Limiting Guide.
Need Help?
If you're having trouble with authorization, check out our Troubleshooting Guide or contact our support team (opens in a new tab).