Overview & Authentication
🔑
Overview & Authentication
The Endors REST API lets you read and manage your workspace data programmatically. You can fetch testimonials, clients, folders, and custom fields, and configure outbound webhooks.
Base URL
All endpoints are relative to this base. There is no version prefix in the path (e.g. /v1/). Outbound webhook payloads include an apiVersion: "v1" field in the body.
Authentication
All API requests must include your API key in the Authorization header using the Bearer scheme:
API keys have the format sk_live_ followed by 48 lowercase hexadecimal characters (56 characters total).
Example request:
API keys are scoped to a single Space. The Space ID in the URL must match the Space the key was generated for.
API key access requires the Growth plan or above. On Starter, all API requests return a 403 error.
Response format
Successful responses return a JSON object with ok: true and a data field:
Error responses return ok: false with an error object:
Common error codes
HTTP | Code | Meaning |
|---|---|---|
400 |
| Missing or invalid parameters |
401 |
| Invalid or revoked API key |
403 |
| API key does not have access to this space |
403 |
| Feature not available on your current plan |
404 |
| Resource not found |
500 |
| Internal database error |
Finding your Space ID
Your Space ID is the UUID in the URL when you are inside the app:
What the API does not cover
The following are not available via the REST API and are managed through the Endors dashboard only:
Creating, updating, or deleting collection links
Creating or modifying embeddings and templates
Accepting or rejecting submissions
Billing and subscription management
Deleting custom fields (session-only, not accessible via API key)
Creating and deleting webhooks (session-only, not accessible via API key)