API Keys

Using Your API Key

Include your API key in the X-API-Key header with every request:

X-API-Key: your_api_key_here

Example using cURL:

curl -X POST https://api.medicare.healthsherpa.com/v1/contacts \
  -H "X-API-Key: your_api_key_here" \
  -H "Content-Type: application/json" \
  -d '{"first_name": "Alex", "last_name": "Lee", ...}'

API Key Management Best Practices

  1. Secure Storage

    • Store API keys in environment variables or secure secret management systems

    • Never commit API keys to version control

    • Rotate keys immediately if they are accidentally exposed

  2. Access Control

    • Limit access to API keys to only necessary personnel

    • Use different API keys for different environments (test vs production)

  3. Implementation

    • Use HTTPS for API requests

    • Don't log API keys in error messages

Troubleshooting

If you receive a 401 Unauthorized response:

  1. Verify the API key is correctly formatted

  2. Confirm you're using the correct key for your environment

  3. Contact support if issues persist

PreviousAuthenticationNextAgent Authentication

Last updated