All API endpoints require authentication. The recommended method for integrations is an API key.
API key authentication
Pass your API key in the X-API-Key header:
curl -X GET "https://api.socrateslabs.io/api/contacts" \
-H "X-API-Key: sk_your_api_key_here"
API keys use the prefix sk_ followed by a random string:
sk_a1b2c3d4e5f6g7h8i9j0...
Creating an API key
- Log in to your Socrates CRM dashboard
- Go to Settings > Developer Settings
- Click Create API Key
- Copy the key immediately (it won’t be shown again)
API keys grant full access to your account’s data. Never expose them in client-side code, public repositories, or logs.
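One way to follow this advice in a server-side integration, shown as an added example that is not part of the Socrates CRM documentation: the key is read from an environment variable and a logging filter scrubs anything shaped like a key before it reaches a log. The variable name SOCRATES_API_KEY and the character set assumed for the random part of the key are assumptions; the page documents only the sk_ prefix.

```python
import logging
import os
import re
import urllib.request

# Assumption: the random part is letters, digits, "_" or "-" (8+ chars);
# the page documents only the "sk_" prefix.
KEY_PATTERN = re.compile(r"\bsk_[A-Za-z0-9_-]{8,}")


def redact(text: str) -> str:
    """Replace anything shaped like an API key, keeping only the prefix."""
    return KEY_PATTERN.sub("sk_[REDACTED]", text)


class RedactKeys(logging.Filter):
    """Scrub keys from the fully formatted message, including %-style args."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(record.getMessage())
        record.args = None  # already merged into msg above
        return True


def build_request(path: str, env=os.environ) -> urllib.request.Request:
    """Build an authenticated request with the key taken from the environment."""
    key = env.get("SOCRATES_API_KEY", "")  # hypothetical variable name
    if not key.startswith("sk_"):
        raise RuntimeError("SOCRATES_API_KEY is unset or is not an sk_ key")
    return urllib.request.Request(
        "https://api.socrateslabs.io" + path, headers={"X-API-Key": key}
    )


if __name__ == "__main__":
    handler = logging.StreamHandler()
    handler.addFilter(RedactKeys())  # on the handler, so every logger is covered
    logging.basicConfig(level=logging.INFO, handlers=[handler])

    fake_env = {"SOCRATES_API_KEY": "sk_EXAMPLEexample1234567890"}  # constructed key
    req = build_request("/api/contacts", env=fake_env)
    # Logging request headers is a common way keys leak; the filter scrubs them.
    logging.info("GET %s headers=%s", req.full_url, dict(req.header_items()))
```

Attaching the filter to the handler rather than to a single logger means records from third-party libraries that log request headers are scrubbed as well.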
Alternative: JWT authentication
For browser-based sessions, the API also accepts JWT tokens from Supabase Auth:
Authorization: Bearer <jwt_token>
X-Account-ID: <account_uuid>
JWT authentication requires both headers. This method is primarily used by the Socrates CRM web application.
Authentication errors
| Status | Meaning |
|---|---|
| 401 | Missing or invalid API key / token |
| 403 | Valid credentials but insufficient permissions |