Authentication - Encrata

All API requests require an API key passed via the Authorization header using the Bearer scheme.

Authorization: Bearer YOUR_API_KEY

Creating a key

Go to encrata.com/api-keys
Click Create Key
Copy the key — it’s only shown once

Key behavior

Behavior	Detail
Format	Opaque string
Scope	Tied to your user account
Revocation	Instant — revoked keys are rejected immediately
Usage tracking	Every request is logged with credits consumed and response time

Example request

curl -X POST https://encrata.com/api/agent/lookup \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"email": "test@example.com"}'

Error responses

If authentication fails, the API returns: Standard endpoints:

{
  "error": "Unauthorized"
}

Agent endpoint:

{
  "c": 401,
  "m": "bad key"
}

Keep your API key secret. Do not commit it to version control or expose it in client-side code.

Quickstart Credits

Documentation Index

​Creating a key

​Key behavior

​Example request

​Error responses

Creating a key

Key behavior

Example request

Error responses