Skip to content
Documentation Menu

Authentication

The ListBee API uses Bearer token authentication. Include your API key in the Authorization header of every request.

API key

When you create a ListBee account, you receive a single API key prefixed with lb_. Get your key from the developer console. 

# Set your API key as an environment variable
export LISTBEE_API_KEY="lb_your_key_here"

Making requests

Pass your API key as a Bearer token in the Authorization header:

curl
Python
Node.js
curl https://api.listbee.so/v1/listings \
  -H "Authorization: Bearer lb_abc123def456..."
import httpx

client = httpx.Client(
    base_url="https://api.listbee.so",
    headers={"Authorization": "Bearer lb_abc123def456..."},
)

resp = client.get("/v1/listings")
const resp = await fetch("https://api.listbee.so/v1/listings", {
  headers: { "Authorization": `Bearer ${apiKey}` }
});

Error responses

If authentication fails, the API returns a 401 Unauthorized response: 

{
  "error": {
    "type": "authentication",
    "code": "invalid_api_key",
    "message": "The API key provided is invalid or has been revoked."
  }
}

Key management

  • Keep keys secret. Never expose API keys in client-side code, public repos, or logs.
  • Rotate regularly. You can regenerate your key from the developer console. The old key is revoked immediately.
  • Use environment variables. Store your key in LISTBEE_API_KEY or your secrets manager.

Idempotency

For POST requests that create resources, you can include an Idempotency-Key header to safely retry requests without creating duplicates. The key should be a unique string (e.g., a UUID) per logical operation.

curl
Python
curl -X POST https://api.listbee.so/v1/listings \
  -H "Authorization: Bearer $LISTBEE_API_KEY" \
  -H "Idempotency-Key: unique-request-id-123" \
  -H "Content-Type: application/json" \
  -d '{"title": "My Listing", ...}'
import httpx

client = httpx.Client(
    base_url="https://api.listbee.so",
    headers={"Authorization": f"Bearer {api_key}"},
)

resp = client.post("/v1/listings", json={
    "title": "My Listing",
}, headers={"Idempotency-Key": "unique-request-id-123"})

If you send the same idempotency key again within 24 hours, the API returns the original response without creating a new resource.