Authentication
All requests to the Products Manager API must be authenticated with an API key. Pass your key in the Authorization header with the Bearer scheme.
API keys
API keys are long-lived credentials tied to your account. You can create and manage them in your account settings.
Never share your API key or commit it to source control. If a key is compromised, revoke it immediately from your settings and generate a new one.
Using your API key
Pass the key as a Bearer token in the Authorization header on every request:
Authenticated request
curl https://api.productsmanager.app/api/v1/products \
-H "Authorization: Bearer {api_key}"
Create an API key
- Log in at productsmanager.app.
- Navigate to Settings → API Keys.
- Click Create API Key, enter a descriptive name (e.g.
production-integration). - Copy the key immediately — it won't be shown again.
Revoking a key
Go to Settings → API Keys, find the key you want to revoke, and click Delete. Requests using that key will immediately receive a 401 Unauthorized response.
Multi-tenant context
If your account manages multiple tenants (sub-accounts), you can scope a request to a specific tenant by passing the X-Tenant-ID header:
Request with tenant context
curl https://api.productsmanager.app/api/v1/products \
-H "Authorization: Bearer {api_key}" \
-H "X-Tenant-ID: {tenant_id}"
Without this header, the request operates on your default account context.
Error responses
| Status | Meaning |
|---|---|
401 Unauthorized | Missing or invalid API key |
403 Forbidden | Valid key but insufficient permissions |
See the Errors guide for the full error format.