Skip to Content

Authentication

All API requests are authenticated using an API key passed via the X-API-KEY HTTP header.

curl -X GET "https://api.codelloy.com/link/external/v1/shortenedUrl?page=0&size=20" \
  -H "X-API-KEY: your_api_key_here"

Important: Every request must include the X-API-KEY header. Requests without it will receive a 401 Unauthorized response.

How It Works

  1. Generate an API key from the Codelloy Dashboard.
  2. Include the key in the X-API-KEY header of every request.
  3. The server validates your key and associates the request with your organization.
  4. If the key is missing, invalid, or expired, the API returns a 401 Unauthorized error.

Header Format

HeaderTypeRequiredDescription
X-API-KEYstringYesYour API key obtained from the dashboard

Example

curl -X POST "https://api.codelloy.com/link/external/v1/shortenedUrl/save" \
  -H "X-API-KEY: your_api_key_here" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://example.com"}'

Error Responses

Authentication failures return HTTP 401 with the standard JSON envelope and error code SML003.

Missing API Key:

HTTP/1.1 401 Unauthorized
Content-Type: application/json
{
  "errors": [
    { "code": "SML003", "message": "Send API key in the request" }
  ]
}

Invalid API Key:

HTTP/1.1 401 Unauthorized
Content-Type: application/json
{
  "errors": [
    { "code": "SML003", "message": "API Key is Invalid. Please check your API Key or generate a new one" }
  ]
}
Last updated on
OverviewObtaining Your API Key