Skip to main content

Authentication

Linquid uses API keys to authenticate requests. You can manage your API keys from the dashboard.

Getting an API Key

  1. Log in to dashboard.linquid.io
  2. Go to Settings > API Keys
  3. Click Create API Key
  4. Give it a name and select the required scopes
  5. Copy your key - it won’t be shown again!
Keep your API keys secure. Never expose them in client-side code or commit them to version control.

Using Your API Key

Include your API key in the Authorization header: 
curl https://api.linquid.io/links \
  -H "Authorization: Bearer lw_live_xxxxxxxxxxxx"

API Key Scopes

When creating an API key, you can limit its permissions:
ScopeDescription
links:readRead link data
links:writeCreate, update, delete links
rules:readRead routing rules
rules:writeCreate, update, delete rules
analytics:readAccess analytics data
campaigns:readRead campaigns
campaigns:writeManage campaigns
domains:readRead custom domains
domains:writeManage custom domains

Key Prefixes

API keys use prefixes to indicate their type:
  • lw_live_ - Production keys
  • lw_test_ - Test/sandbox keys (if available)

Rate Limits

API requests are rate-limited based on your plan:
PlanRate Limit
Starter100 requests/hour
Pro1,000 requests/hour
Enterprise10,000 requests/hour
Rate limit headers are included in every response: 
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1704067200

Error Responses

Authentication errors return a 401 Unauthorized status: 
{
  "success": false,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid or missing API key"
  }
}

Security Best Practices

Store API keys in environment variables, not in code:
export LINQUID_API_KEY="lw_live_xxxx"
Only request the scopes your integration needs
Delete old keys and create new ones periodically
Check the API Keys page for unusual activity