Authentication
All API requests (except GET /services) require authentication via an API key.
Get your API key
Request an API key with a single POST request. No signup, no dashboard — the key is sent directly to your email.
curl -X POST https://growthservice.org/api/v1/auth/request-key \
-H "Content-Type: application/json" \
-d '{"email": "you@company.com"}'Response:
{ "message": "API key sent to your email." }Check your inbox for an email containing your API key (format: gsk_...). One key per email address — requesting again sends the same key.
Using your API key
Include your API key in the Authorization header as a Bearer token:
Authorization: Bearer gsk_YOUR_API_KEY
Example: authenticated request
curl https://growthservice.org/api/v1/orders \ -H "Authorization: Bearer gsk_abc123def456"
Errors
| Status | Meaning |
|---|---|
| 401 | Missing or invalid API key |
| 403 | API key doesn't have access to this resource |
Rate limits
API requests are rate-limited to prevent abuse:
| Endpoint | Limit |
|---|---|
| General API | 100 requests / minute |
| Order creation | 10 orders / hour |
| Auth key requests | 5 requests / hour per email |
Rate-limited requests return HTTP 429. Retry after the Retry-After header value (in seconds).