Authentication
All TechLadder API endpoints require authentication using a Bearer token. Your API key acts as this token.
Getting Your API Key
- Create an account on TechLadder
- Log in to the TechLadder Dashboard
- Navigate to Settings → API Keys
- Click Generate API Key
- Copy your key immediately — it will only be shown once
Your API key looks like:
sk_bvTQr74V8Rk-bNM7mPOR2rwWQQrqs_m9K8HNeemSECfb--2L9VfVyElni0qzkF-D
Using Your API Key
Include your API key in the Authorization header of every request:
Authorization: Bearer sk_your_api_key_here
Example Request
curl -X GET https://api.staging.techladder.ai/api/v1/public/me \
-H "Authorization: Bearer sk_your_api_key_here"
Example Response
{
"status_code": 200,
"message": "Account details fetched successfully",
"error": null,
"data": {
"account_id": "acc_abc123",
"name": "Your Company",
"email": "dev@yourcompany.com",
"limits": {
"max_batch_size": 10000,
"max_concurrent_calls": 20,
"max_call_duration_seconds": 900,
"rate_limit_per_minute": 300
}
}
}
Security Best Practices
Important
- Never expose your API key in client-side code, Git repositories, or public URLs
- Use environment variables to store your key
- Rotate your key immediately if you suspect it has been compromised
- Each API key is tied to your account — all actions are logged
| ✅ Do | ❌ Don't |
|---|---|
| Store in environment variables | Hardcode in source code |
| Use server-side requests only | Expose in frontend JavaScript |
| Rotate keys periodically | Share keys across teams |
| Use separate keys per environment | Use production keys for testing |
Error Responses
If authentication fails, you'll receive one of these errors:
| Status | Error Code | Description |
|---|---|---|
401 | UNAUTHORIZED | Missing or invalid API key |
403 | FORBIDDEN | API access not enabled for your account |
429 | RATE_LIMITED | Too many requests — slow down |