API Authentication Errors

​

Common Errors

​

401 Unauthorized

{
  "error": "Unauthorized",
  "message": "Invalid or missing API key"
}

• Missing API key
• Invalid API key
• Expired API key

1. Check API key is included
   Copy

   curl -H "Authorization: Bearer YOUR_API_KEY" ...
   
2. Verify key format
   • Include “Bearer ” prefix
   • No extra spaces
   • Complete key (not truncated)
3. Generate new key
   • Old key may be deleted
   • Create fresh API key

​

403 Forbidden

{
  "error": "Forbidden",
  "message": "Insufficient permissions"
}

• Key doesn’t have required permissions
• Accessing restricted resource

1. Check your account permissions
2. Verify resource access rights
3. Contact workspace owner if needed

​

API Key Best Practices

​

Storing Keys

• Use environment variables
• Never commit to version control
• Rotate keys periodically

# Good - environment variable
export LINDO_API_KEY="your_key_here"
curl -H "Authorization: Bearer $LINDO_API_KEY" ...

​

Key Security

• Keep keys confidential
• Don’t share in public channels
• Delete unused keys

​

Generating New API Key

1. Open Settings in sidebar
2. Go to API tab
3. Click “Generate API Key”
4. Copy immediately (shown once)
5. Store securely

​

Testing Your Key

curl -X GET "https://api.lindo.ai/v1/websites" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"

{
  "success": true,
  "data": [...]
}

​

Common Mistakes

​

Rate Limiting

​

429 Too Many Requests

1. Reduce request frequency
2. Implement exponential backoff
3. Cache responses when possible

// Exponential backoff example
async function apiCallWithRetry(fn, maxRetries = 3) {
  for (let i = 0; i < maxRetries; i++) {
    try {
      return await fn();
    } catch (error) {
      if (error.status === 429) {
        await sleep(Math.pow(2, i) * 1000);
      } else {
        throw error;
      }
    }
  }
}

​

Getting Help

1. Note the exact error message
2. Include request details (without key)
3. Contact support