Authentication

The Rulebook Company API uses API access keys to authenticate requests. You can obtain your API key by contacting our sales team.

API Access Key

Include your API key in the x-rulebook-api-access-key header with every request: 
curl https://api.rulebook.company/api/v1/exchanges \
  -H "x-rulebook-api-access-key: YOUR_API_KEY"
Keep your API keys secure and never commit them to version control.

Request Format

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. 
{
  "headers": {
    "x-rulebook-api-access-key": "YOUR_API_KEY"
  }
}
All endpoints return JSON responses. No Content-Type header is required for GET requests.

Security Best Practices

Rotate Keys Regularly

Update your API keys periodically to maintain security

Use Environment Variables

Store API keys in environment variables, never in code

Limit Key Scope

Create separate keys for different environments

Monitor Usage

Track API key usage in your dashboard

Getting Your API Key

Contact Sales for API Access — To obtain your API access key, please contact our sales team at sales@rulebook.company or through our website.
Once you receive your API credentials:
  1. Store your key securely in an environment variable
  2. Add the x-rulebook-api-access-key header to all API requests
  3. Test with a simple call to List Exchanges
# Test your API key
curl -X GET https://api.rulebook.company/api/v1/exchanges \
  -H "x-rulebook-api-access-key: YOUR_API_KEY"
You can create multiple API keys for different applications or environments.