API Authorization

This guide explains how to obtain the authentication key needed to use the Neoagent APIs.

How to Obtain the Secret Key

To access the Neoagent APIs, you need a unique authentication key. Follow these steps to retrieve it:

Step 1: Go to Settings

Log into your Neoagent account and navigate to the Profile Settings.

webhooks panel

Step 2: Select Webhooks API

Once in the settings, find and select the "Webhooks API" section.

Step 3: Retrieve the Key

Scroll to the bottom of the Webhooks API page. Here you will find your Token Management.

token creation

Using the Secret Key

Once you have obtained the key, use it in all API requests in the Authorization header:

Authorization: Your-Secret-Key
Content-Type: application/json

Usage Example

JavaScript
Python
cURL

const headers = {
  'Authorization': 'your-secret-key-here',
  'Content-Type': 'application/json'
};

const response = await fetch('https://app.neoagent.co/api/endpoint', {
  method: 'POST',
  headers: headers,
  body: JSON.stringify(data)
});

headers = {
    'Authorization': 'your-secret-key-here',
    'Content-Type': 'application/json'
}

response = requests.post(
    'https://app.neoagent.co/api/endpoint',
    headers=headers,
    json=data
)

curl -X POST \
  'https://app.neoagent.co/api/endpoint' \
  -H 'Authorization: your-secret-key-here' \
  -H 'Content-Type: application/json' \
  -d '{"key": "value"}'

Key Security

Important

Never share your Secret Key publicly
Do not include the key in frontend code visible to users
Regenerate the key if you suspect it has been compromised
Use environment variables to store the key in your projects

Security Best Practices

Environment Variables: Store the key in environment variables
```
const apiKey = process.env.NEOAGENT_SECRET_KEY;
```
Server-Side Only: Use the key only in server-side calls, never in the frontend
Monitoring: Monitor the usage of your API to detect suspicious activity
Rotation: Consider periodically regenerating the key for added security

Troubleshooting

Error 401 - Unauthorized

If you receive a 401 error, check that:

The Secret Key is correct
The Authorization header is present
There are no extra spaces in the key

Error 403 - Forbidden

If you receive a 403 error, it may be because:

Your account lacks the necessary permissions
You have exceeded rate limiting
The requested endpoint is not available for your plan

How to Obtain the Secret Key​

Step 1: Go to Settings​

Step 2: Select Webhooks API​

Step 3: Retrieve the Key​

Using the Secret Key​

Usage Example​

Key Security​

Security Best Practices​

Troubleshooting​

Error 401 - Unauthorized​

Error 403 - Forbidden​