Authentication

Learn how to authenticate your API requests with PureSignup using API keys and Bearer tokens.

API Key Authentication

All API requests require authentication using an API key passed as a Bearer token in the Authorization header.

Authentication Header
Authorization: Bearer YOUR_API_KEY

Getting Your API Key

  1. Sign up and start your 7-day free trial
  2. Complete your profile setup
  3. Navigate to Account → Settings → API Keys
  4. Click Create New Key
  5. Give your key a descriptive name (e.g., "Production App")
  6. Copy the key immediately - it's only shown once!

⚠️ Security Warning: Your API key is like a password. Never commit it to version control, share it publicly, or expose it in frontend code.

Using Your API Key

Include your API key in the Authorization header of every request:

cURL Example
curl -H "Authorization: Bearer sk_your_api_key_here" \
  "https://puresignup.com/api/v1/check?q=user@example.com"
JavaScript / Fetch API
const response = await fetch('https://puresignup.com/api/v1/check?q=user@example.com', {
  headers: {
    'Authorization': 'Bearer sk_your_api_key_here'
  }
});

const data = await response.json();
Python / Requests
import requests

headers = {
    'Authorization': 'Bearer sk_your_api_key_here'
}

response = requests.get(
    'https://puresignup.com/api/v1/check',
    params={'q': 'user@example.com'},
    headers=headers
)

data = response.json()
PHP / cURL
<?php
$ch = curl_init();

curl_setopt_array($ch, [
    CURLOPT_URL => 'https://puresignup.com/api/v1/check?q=user@example.com',
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER => [
        'Authorization: Bearer sk_your_api_key_here'
    ]
]);

$response = curl_exec($ch);
$data = json_decode($response, true);

curl_close($ch);

Managing API Keys

You can create multiple API keys for different environments or applications. This allows you to:

  • Use different keys for development, staging, and production
  • Rotate keys without disrupting all services
  • Track usage per key
  • Revoke compromised keys immediately

Key Actions

ActionDescriptionLocation
Create KeyGenerate a new API keyAccount → Settings → API Keys
Enable/DisableTemporarily disable a key without deleting itToggle switch next to key
Delete KeyPermanently remove a keyDelete button next to key
View UsageSee when a key was last usedLast used timestamp shown

Authentication Errors

If authentication fails, you'll receive an error response:

401 Unauthorized
{
  "success": false,
  "error": "Invalid or missing API key"
}

Common Authentication Issues

Missing Authorization Header

Make sure you're including the Authorization header in your request. The header name is case-insensitive.

Invalid Bearer Token Format

The format must be exactly: Authorization: Bearer YOUR_API_KEY. Note the space after "Bearer".

Key Disabled or Deleted

Check your API Keys page to verify the key is still active. Disabled or deleted keys will return a 401 error.

Incorrect Key

Double-check that you copied the entire key correctly. API keys start with sk_ and are 68 characters long.

Best Practices

Use environment variables: Store API keys in environment variables, not in your code
Rotate keys regularly: Create new keys periodically and delete old ones
Never expose keys client-side: Always call the API from your backend
Revoke immediately if compromised: Delete the key and create a new one

Next Steps

© 2025 PureSignup. All rights reserved.