Skip to main content
All API endpoints require authentication using either:
  • a SDK Write Key to send events
  • a Workspace API Key to query data, fetch profiles, and manage forms
You’ll need to include the key or token in the request headers for all API calls.

SDK Write Key

Find your SDK Write Key in your project settings.
Tokens in project settings page
Send events through the Events API or SDKs with the SDK Write Key.

Request Headers

Include the Token in your request headers: 
Authorization: Bearer <token>

Workspace API Key

Find your API key in your workspace settings. This key is unique to your workspace and should be kept secure.
Where to find your Workspace API key
The API Key must include the correct Read / Write scope for the API you are calling.

Request Headers

API Authentication Flow Diagram
The Workspace API Key is used with two different header formats depending on the API:

Profiles API and Query API

Send the key as a Bearer token: 
Authorization: Bearer <your_workspace_api_key>

Forms API (Webhooks)

Send the key in the x-api-key header: 
x-api-key: <your_workspace_api_key>

Verify Your API Key

Call this endpoint with the workspace API key to view your workspace details. 
POST https://api.formo.so/api/validate-api-key