API v1
Authentication
API keys, headers, and organization isolation in Notify.
Authentication
The public integrator API requires two mandatory headers on every send request.
Headers
| Header | Description |
|---|---|
Authorization | Format: Api-Key evn_xxxxx... (project secret). |
X-Organization-ID | Numeric organization (tenant) ID. |
Content-Type | application/json for requests with a body. |
Example
Authorization: Api-Key evn_1M7p6RP3TYzxjmDb46ztT9OStLH1Oct-eQx1JtB0TQw
X-Organization-ID: 4
Content-Type: application/jsonProject API keys
- Each project has its own API keys.
- The secret is shown only once when created; if lost, revoke and create a new one.
- Keys can be rotated from the panel without affecting others in the same project.
Multitenant isolation
Each organization operates in a separate tenant. X-Organization-ID must match the organization that owns the API key. Invalid combinations return authentication or permission errors.
Common errors
| Code | Likely cause |
|---|---|
401 | Missing, malformed, or revoked API key. |
403 | Wrong organization or insufficient resource access. |
404 | Template or project not found in that tenant. |