Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.hellocobi.com/llms.txt

Use this file to discover all available pages before exploring further.

API Keys

All Cobi API requests are authenticated with an API key passed as a Bearer token. To get an API key:
  1. Contact [email protected] with your organisation details and intended use case
  2. You’ll receive a unique key scoped to your organisation

Making Authenticated Requests

Include your API key in the Authorization header on every request: 
curl -X POST https://api.hellocobi.com/v1/data/customers \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"records": [...]}'

Security Best Practices

Store your API key in environment variables and never hard-code it in source files or commit it to version control. If you suspect a key has been compromised, contact [email protected] to get it rotated immediately. All API traffic must use HTTPS.

Error Responses

StatusMeaningResolution
401 UnauthorizedKey is missing or invalidCheck your Authorization header format and key value
403 ForbiddenKey does not have permission for this resourceContact support to verify your key’s scope
{
  "error": "Unauthorized",
  "message": "Invalid or missing API key"
}