Authentication
All API requests must include your API key in the Authorization header.
API keys
Section titled “API keys”Generate API keys from the Developer Dashboard. Each key has a prefix that indicates its environment:
| Prefix | Environment | Purpose |
|---|---|---|
nfy_live_ | Production | Real data, real emails |
nfy_dev_ | Development | Testing (emails suppressed) |
Making requests
Section titled “Making requests”Include your API key as a Bearer token:
curl https://api.nouncify.com/v1/collections \ -H "Authorization: Bearer nfy_live_AbCdEfGhIjKlMnOpQrStUvWxYz12"const response = await fetch('https://api.nouncify.com/v1/collections', { headers: { 'Authorization': 'Bearer nfy_live_AbCdEfGhIjKlMnOpQrStUvWxYz12', 'Content-Type': 'application/json', },});import requests
response = requests.get( 'https://api.nouncify.com/v1/collections', headers={'Authorization': 'Bearer nfy_live_AbCdEfGhIjKlMnOpQrStUvWxYz12'})Rate limits
Section titled “Rate limits”| Limit | Value |
|---|---|
| Requests per minute | 100 |
| Batch invite max recipients | 100 per request |
| Play link requests per minute | 1,000 |
When rate limited, you’ll receive a 429 Too Many Requests response with a Retry-After header.
Security best practices
Section titled “Security best practices”- Store keys in environment variables, not source code
- Use
nfy_dev_keys for development and testing - Rotate keys regularly from the Developer Dashboard
- Revoke compromised keys immediately