Authentication
How to authenticate with the DataTalk API
All API requests must include a valid API key in the Authorization header.
API Key Format
DataTalk API keys use the dt_ prefix:
dt_a1b2c3d4e5f6...Sending Requests
Include the API key as a Bearer token in the Authorization header:
curl https://api.datatalk.bi/v1/databases \
-H "Authorization: Bearer dt_your_api_key"Creating an API Key
- Log into your DataTalk instance
- Navigate to Settings > API Keys
- Click Create API Key
- Copy the key immediately — it won't be shown again
API keys are hashed before storage. If you lose the key, you'll need to create a new one.
Key Expiration
API keys can optionally have an expiration date. Expired keys return a 401 error with the code API_KEY_EXPIRED.
Webhook Secret
Each API key can have a webhook secret for signing webhook payloads. This is configured when creating the API key and is used for HMAC-SHA256 signatures on callback deliveries. See Webhooks.
Error Codes
| HTTP Status | Code | Description |
|---|---|---|
| 401 | MISSING_AUTH | No Authorization header provided |
| 401 | INVALID_AUTH_FORMAT | Header doesn't match Bearer dt_... format |
| 401 | INVALID_API_KEY | API key not found |
| 401 | API_KEY_EXPIRED | API key has expired |
| 401 | USER_NOT_FOUND | User associated with the key no longer exists |
| 403 | NO_TENANT_ACCESS | User has no tenant access |
Example Error Response
{
"error": "Invalid API key",
"code": "INVALID_API_KEY"
}