Unless otherwise noted, all calls to resources exposed by the ActiveProspect APIs require authentication. The APIs use HTTP Basic Authentication. In place of the password, use your account API key. The username is ignored so you can provide whatever value you like. This documentation uses API as the username.


Throughout this documentation you will see examples that look similar to that shown below. This examples uses the ubiquitous curl shell command. The -uX:1234567890 portion of that command specifies the HTTP Basic Authentication credentials. In this example X is the username and 1234567890 is the API key.

$ curl -X GET -uX:1234567890 -H 'Accept: application/json'

If the -u argument is omitted from an example, you may assume that it does not require authentication.

Failure to Authenticate

When you fail to provide the correct HTTP Basic Auth credentials, you will receive an HTTP 401 (Unauthorized) response that looks like this:

HTTP/1.1 401 Unauthorized
Date: Tue, 28 Jul 2015 03:29:16 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 33
Connection: keep-alive
Vary: Accept, Accept-Encoding
ETag: W/"21-48c58abe"

{"error":"authentication failed"}


Your API key is used to authenticate all calls to the API. This key is private. Treat it like a password. Only give it out to people you trust. Your API key works with all ActiveProspect products to which you are subscribed. You can retrieve your API key via the ActiveProspect ID account settings.

Resetting your API key

You can reset your API key via your ActiveProspect ID account settings. After you have reset it, you must propagate the new key to each of the ActiveProspect products to which you are subscribed by logging into them in turn. The act of logging in to a product causes the key to propagate to that product. Once you reset the API key in your ActiveProspect ID account settings, and log into a product your old key will immediately stop working and your new key will start working.