Authentication

You'll need to authenticate your requests to access any of the endpoints in the Brandsearch API. In this guide, we'll look at how authentication works.

API key authentication

The Brandsearch API uses API key authentication. Include your API key in the X-API-Key header with every request.

Example request with API key

curl https://api.brandsearch.co/v1/brands \
  -H "X-API-Key: bsk_your_api_key"

Your API key starts with the bsk_ prefix and is tied to your account. You can create and manage API keys from the Brandsearch dashboard.

Keep your API key secret. Do not commit it to version control or expose it in client-side code. If you suspect your key has been compromised, revoke it immediately from the dashboard and create a new one.

Using the API key

Here's how to include the API key in different languages:

GET
/v1/brands
curl -G https://api.brandsearch.co/v1/brands \
  -H "X-API-Key: bsk_your_api_key" \
  -d page_size=10

Error responses

If your API key is missing, invalid, or has been revoked, the API will return a 401 error:

Invalid API key response

{
  "error": {
    "code": "INVALID_API_KEY",
    "message": "The provided API key is invalid.",
    "details": {}
  }
}

Revoked API key response

{
  "error": {
    "code": "REVOKED_API_KEY",
    "message": "This API key has been revoked.",
    "details": {}
  }
}

Quota headers

Every authenticated response includes headers showing your current quota usage:

  • Name
    X-Quota-Daily-Remaining
    Type
    integer
    Description

    Number of requests remaining for the current day.

  • Name
    X-Quota-Monthly-Remaining
    Type
    integer
    Description

    Number of requests remaining for the current month.

  • Name
    X-Quota-Daily-Limit
    Type
    integer
    Description

    Your total daily request limit.

  • Name
    X-Quota-Monthly-Limit
    Type
    integer
    Description

    Your total monthly request limit.

Learn more about rate limits and quotas

Was this page helpful?