Skip to main content

Authentication

The docs101 API uses API key authentication. Include your API key in the X-API-Key header with every request.

API Key Format

API keys follow the format ak_live_ followed by 32 hexadecimal characters:

ak_live_a1b2c3d4e5f6789012345678abcdef01

Making Authenticated Requests

curl

curl -H "X-API-Key: ak_live_YOUR_KEY_HERE" \
  https://docs101.com/api/customers/

To create a resource, send JSON in the request body:

curl -X POST \
  -H "X-API-Key: ak_live_YOUR_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{"name": "Acme Corp", "email": "billing@acme.com"}' \
  https://docs101.com/api/customers/

Python

import requests

API_KEY = "ak_live_YOUR_KEY_HERE"
BASE_URL = "https://docs101.com/api"

headers = {
    "X-API-Key": API_KEY,
    "Content-Type": "application/json",
}

# List all customers
response = requests.get(f"{BASE_URL}/customers/", headers=headers)
customers = response.json()

for customer in customers:
    print(customer["name"])

Creating an Invoice

# Create an invoice for a customer
invoice_data = {
    "customer_id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
    "invoice_date": "2026-03-05",
    "positions": [
        {
            "description": "Consulting services",
            "quantity": 10,
            "unit_price": 150.00,
            "vat_rate": 19.0
        }
    ]
}

response = requests.post(
    f"{BASE_URL}/invoices/",
    headers=headers,
    json=invoice_data,
)
print(response.json())

JavaScript (Node.js)

const API_KEY = "ak_live_YOUR_KEY_HERE";
const BASE_URL = "https://docs101.com/api";

// List all customers
const response = await fetch(`${BASE_URL}/customers/`, {
  headers: {
    "X-API-Key": API_KEY,
    "Content-Type": "application/json",
  },
});

const customers = await response.json();
console.log(customers);

PHP

$apiKey = "ak_live_YOUR_KEY_HERE";
$baseUrl = "https://docs101.com/api";

$ch = curl_init("$baseUrl/customers/");
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    "X-API-Key: $apiKey",
    "Content-Type: application/json",
]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

$response = curl_exec($ch);
$customers = json_decode($response, true);

curl_close($ch);

Managing API Keys

You manage API keys in the docs101 web app under Account Settings (gear icon in the top-right corner) > API Keys:

  • Create: Generate a new key with a descriptive name (up to 10 keys per company)
  • View: See all keys with their name, prefix, creation date, and last usage
  • Revoke: Deactivate a key immediately — any requests using that key will return 401
Key Security

Treat your API key like a password. Do not commit it to version control or share it in public channels. Use environment variables or a secrets manager to store keys in your applications.

Key Lifecycle

  • API keys are tied to your company account
  • Keys do not expire, but can be revoked at any time
  • If you downgrade from the Pro plan, all API keys are automatically deactivated
  • Upgrading back to Pro does not reactivate previously deactivated keys — create new ones instead

API Reference

For the full list of endpoints, request/response schemas, and interactive testing, see the Swagger documentation.