Skip to main content
All CollectionsIntegrationsAPI 2.0
Authorization
Authorization

How to get access to Woodpecker API 2.0

Weronika Wróblewska avatar
Written by Weronika Wróblewska
Updated over 4 months ago

IN THIS ARTICLE:

  1. Authorization overview

  2. How to access Woodpecker API

  3. Accessing Woodpecker API with API platforms

  4. Master API Key Authorization

Authorization overview

Authorization is made with API key. You can generate it in your Woodpecker panel. Not sure how? Check this guide.

API Key is a part of an API Key and Integrations add-on, click here to learn how to get it on Marketplace »

Your API key identifies your account so keep it secret!

Remember, API key is a required parameter. We'll return an error if it's missing or invalid.

Another noteworthy thing is that if you use Agency panel, each company you've added can have their own API keys. To access any data from a specific company added to your Agency, you need to generate API key for this company.

How to access Woodpecker API

All API requests start with 

https://api.woodpecker.co/rest/v2

Woodpecker API 1.0 documentation is available here.

IMPORTANT: use API key generated in Woodpecker as a password, not user name.

To make request you can place your API key in headers, as following:

     headers : { 
          "X-API-Key" : "<API KEY>" 
      }

If you prefer to use cURL, you can use the following syntax:

curl --location --request GET 'https://api.woodpecker.co/rest/v2/endpoint_of_your_choice' \ 
--header 'X-Api-Key: API_KEY'

Authorizing endpoints in Make

This authorization is very similar to what's described above:

On the top of your regular Woodpecker connection, add a header to your request with the "X-API-Key" key and your <API Key> value, as shown in the image below.

Accessing Woodpecker API with API platforms

If you're using an API platform such as Postman to access the API, you need to choose Authentication Basic option and provide your API key (not encoded) as a password.

For any API related feedback feel free to drop us a line at [email protected] .

Master API Key Authorization

By using the API Key generated on the main account of the Agency, you can specify in the header the ID of the company in the context of which you want the request to be interpreted. This way, using one key from the main account, you can make requests as different companies (instead of making the API Key change to one coming from a company).

To determine whether a request should be treated under the Agency company, besides the autorization header, use the following header:

x-company-id: <YOUR_CLIENT_COMPANY_ID>

If you prefer to use cURL, you can use the following syntax (with header):

curl --location --request GET 'https://api.woodpecker.co/rest/v2/webhooks'\ 
--header 'x-api-key: <YOUR_AGENCY_HQ_API_KEY>' \ 
--header 'x-company-id: <YOUR_CLIENT_COMPANY_ID>'

Sample response:

{
    "webhooks": [
        {
            "target_url": "https://yourdomain.com/webhooks/target_url/<YOUR_CLIENT_COMPANY_ID>",
            "event": "PROSPECT_REPLIED"
        }
    ]
}

Error list

HTTP

type

description

400

BAD_REQUEST

X-Company-Id given but not numeric

403

FORBIDDEN

X-Company-Id given but it's not the key from the main Agency account

404

NOT_FOUND

X-Company-Id given but company does not exist within the particular agency from which the key originates

409

CONFLICT

X-Company-Id given but company is inactive

403

FORBIDDEN

X-Company-Id given but key generated by a user who does not have access to the company in question

Want to integrate with us?

If you're interested in building a native integration with Woodpecker, fill out this form and we'll get back to you.

Did this answer your question?