Skip to main content

Overview

All requests to the Tuesday Leads API must be authenticated using your unique API key. Authentication is handled through HTTP headers, making it simple to integrate into any application or programming language.

API Key Authentication

Getting Your API Key

  1. Sign up for a Tuesday account at app.tuesday.so
  2. Navigate to the API Keys section in your dashboard
  3. Generate a new API key for your application
  4. Copy the key and store it securely
Your API key is sensitive information. Never share it publicly, commit it to version control, or expose it in client-side code.

How to Authenticate

Include your API key in the X-API-KEY header of every request: 
curl --location 'https://api.tuesday.so/api/v1/public/auth' \
--header 'X-API-KEY: your-api-key-here'

Testing Authentication

Use the Auth API endpoint to verify your API key is working correctly: 
curl --location 'https://api.tuesday.so/api/v1/public/auth' \
--header 'X-API-KEY: your-api-key-here'
Successful Response: 
{
    "data": {
        "name": "Your Workspace Name",
        "id": "ws30ngrb03luqxcl27", 
        "user_id": "usr19g6tln8rlii8"
    },
    "statusCode": 200,
    "message": "Success"
}

Authentication Errors

When authentication fails, you’ll receive one of these error responses:

Invalid API Key

{
    "statusCode": 401,
    "message": "Unauthorized",
    "error": "Invalid or missing API key"
}

Missing API Key

{
    "statusCode": 401,
    "message": "Unauthorized", 
    "error": "API key is required"
}

Best Practices

Store your API keys in environment variables or secure configuration management systems. Never hardcode them in your application.
# Environment variable
export TUESDAY_API_KEY="your-api-key-here"

// In your application
const apiKey = process.env.TUESDAY_API_KEY;
Regularly rotate your API keys for enhanced security. The Tuesday dashboard allows you to generate new keys and deactivate old ones.
Monitor your API key usage through the Tuesday dashboard to track consumption and detect any unusual activity.
Always implement proper error handling for authentication failures in your applications.
try {
  const response = await fetch(endpoint, { headers });
  
  if (response.status === 401) {
    throw new Error('Invalid API key - check your authentication');
  }
  
  const data = await response.json();
  return data;
} catch (error) {
  console.error('Authentication error:', error);
}

Environment-Specific Keys

Consider using different API keys for different environments (development, staging, production) to better isolate usage and maintain security.

Next Steps

Once you have authentication working:
I