Authentication

Learn how to authenticate your API requests with PureSignup using API keys and Bearer tokens.

API Key Authentication

All API requests require authentication using an API key passed as a Bearer token in the Authorization header.

Authentication Header

Authorization: Bearer YOUR_API_KEY

Getting Your API Key

Sign up and start your 7-day free trial
Complete your profile setup
Navigate to Account → Settings → API Keys
Click Create New Key
Give your key a descriptive name (e.g., "Production App")
Copy the key immediately - it's only shown once!

⚠️ Security Warning: Your API key is like a password. Never commit it to version control, share it publicly, or expose it in frontend code.

Using Your API Key

Include your API key in the Authorization header of every request:

cURL Example

curl -H "Authorization: Bearer sk_your_api_key_here" \
  "https://puresignup.com/api/v1/check?q=user@example.com"

JavaScript / Fetch API

const response = await fetch('https://puresignup.com/api/v1/check?q=user@example.com', {
  headers: {
    'Authorization': 'Bearer sk_your_api_key_here'
  }
});

const data = await response.json();

Python / Requests

import requests

headers = {
    'Authorization': 'Bearer sk_your_api_key_here'
}

response = requests.get(
    'https://puresignup.com/api/v1/check',
    params={'q': 'user@example.com'},
    headers=headers
)

data = response.json()

PHP / cURL

<?php
$ch = curl_init();

curl_setopt_array($ch, [
    CURLOPT_URL => 'https://puresignup.com/api/v1/check?q=user@example.com',
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER => [
        'Authorization: Bearer sk_your_api_key_here'
    ]
]);

$response = curl_exec($ch);
$data = json_decode($response, true);

curl_close($ch);

Managing API Keys

You can create multiple API keys for different environments or applications. This allows you to:

Use different keys for development, staging, and production
Rotate keys without disrupting all services
Track usage per key
Revoke compromised keys immediately

Key Actions

Action	Description	Location
Create Key	Generate a new API key	Account → Settings → API Keys
Enable/Disable	Temporarily disable a key without deleting it	Toggle switch next to key
Delete Key	Permanently remove a key	Delete button next to key
View Usage	See when a key was last used	Last used timestamp shown

Authentication Errors

If authentication fails, you'll receive an error response:

401 Unauthorized

{
  "success": false,
  "error": "Invalid or missing API key"
}

Common Authentication Issues

Missing Authorization Header

Make sure you're including the Authorization header in your request. The header name is case-insensitive.

Invalid Bearer Token Format

The format must be exactly: Authorization: Bearer YOUR_API_KEY. Note the space after "Bearer".

Key Disabled or Deleted

Check your API Keys page to verify the key is still active. Disabled or deleted keys will return a 401 error.

Incorrect Key

Double-check that you copied the entire key correctly. API keys start with sk_ and are 68 characters long.

Best Practices

Use environment variables: Store API keys in environment variables, not in your code

Rotate keys regularly: Create new keys periodically and delete old ones

Never expose keys client-side: Always call the API from your backend

Revoke immediately if compromised: Delete the key and create a new one