Skip to main content

General

Authentication

The YourCourts API uses API keys for authentication. If API access is enabled for your account, any YourCourts administrator can create a key from the Settings > API Keys page. You can limit the access offered by a given key based on the permissions you select when creating it. For example, you can create an API key that allows you to create and update users, but not archive (delete) them.

API keys allow significant access to the data within your YourCourts account and should be protected and secured accordingly. Never store an API key in a public repository or expose it in client-side code. YourCourts will only display a key value to you once (for you to copy) before storing it using a highly secure one-way hash.

Calls to the API must be made over HTTPS and must include a valid API key sent as a request header named X-API-Key. Any requests made without an API key, or with a key that has been set inactive or deleted from your account, will fail.