The Unit21 API uses API keys to authenticate requests. These API keys can be generated within the dashboard and must be supplied with each request.


Why API keys?

An API key is an identifier assigned to an API client, used to authenticate an application calling the API. It is typically a unique alphanumeric string included in the API call, which the API receives and validates. APIs use keys to keep track of usage and identify invalid or malicious requests.

Your API keys can be used to perform a variety of actions against the API; whilst GET requests do not affect data in your account, the PATCH and POST requests can create, alter and reassign searches - so please ensure you follow best practice for managing API keys.

Please remember to:

  • Keep your keys secure
  • Rotate your API keys on a frequent basis
  • Never store your API keys in a publicly-accessible location

When making requests to the Unit21 API the key must be provided in the header:

curl -X POST \
    -H 'Content-Type: application/json' \
    -H 'u21-key: YOUR_API_KEY' \
    -d '{
            "request_body": "..."
        }' \


All Unit21 API endpoints are HTTPS only!

HTTPS uses the SSL/TLS protocol to encrypt communications so that attackers can't steal data.