All API requests require a Bearer token in the Authorization header.
curl https://api.open.cx/contacts \
-H "Authorization: Bearer YOUR_API_KEY"
Generate an API key
- Go to Settings → Access in the OpenCX dashboard.
- Click Create API Key.
- Give it a name (e.g. “Production”, “Staging”) and copy the key.
The full key is only shown once. Store it securely — if you lose it, generate a new one.
Using the key
Pass the key as a Bearer token in the Authorization header on every request:
Authorization: Bearer ocx_live_abc123...
curl -X GET https://api.open.cx/contacts \
-H "Authorization: Bearer YOUR_API_KEY"
Error responses
| Status | Meaning |
|---|
401 Unauthorized | Missing or invalid API key |
403 Forbidden | Key is valid but doesn’t have access to this resource |
{
"statusCode": 401,
"message": "Unauthorized",
"error": "Unauthorized"
}
Best practices
- Never commit keys to source control. Use environment variables or a secrets manager.
- Rotate keys periodically. You can create multiple keys and revoke old ones from the dashboard.
- Use separate keys for each environment (production, staging, development) so revoking one doesn’t break the others.
