Skip to main content

API Authentication

All requests to the Records Rocket API must be authenticated. Our platform uses an API key-based system for server-to-server integrations.

Generating an API Key

API keys can be generated by users with TenantAdmin or SiteAdmin privileges from within the Records Rocket web application dashboard.

Navigate to the Settings > API & Integrations section.
Click on Generate New API Key.
Provide a descriptive name for the key (e.g., "Case Management System Integration").
Copy the generated API key immediately. For security reasons, the full key will not be shown again.

Using the API Key

To authenticate your API requests, you must include the API key in the Authorization header of your HTTP request, using the Bearer scheme.

Example Request Header

GET /api/cases/123e4567-e89b-12d3-a456-426614174000 HTTP/1.1
Host: your-instance.recordsrocket.com
Authorization: Bearer YOUR_API_KEY_HERE
Content-Type: application/json

Authentication Errors

If you do not provide an API key, or if the key is invalid, the API will return an HTTP 401 Unauthorized status code.
If your API key is valid but you do not have permission to access the requested resource, the API will return an HTTP 403 Forbidden status code.

// Example 401 Response
{
  "error": "Unauthorized"
}

// Example 403 Response
{
  "error": "You don't have permission to access this resource"
}

Generating an API Key
Using the API Key
- Example Request Header
Authentication Errors