The DitchCarbon API uses token-based authentication to secure access to endpoints. Each request to the API must include your API key.
API Keys
Each API key is associated with a specific project in your DitchCarbon account. API keys:
- Are unique to your project
- Should be kept secure and never shared publicly
- Have specific permissions and rate limits
- Can be revoked or regenerated if compromised
Getting Your API Key
You can find or generate your API key in the DitchCarbon Dashboard.
Adding Authentication to Requests
The API expects authentication via the HTTP Authorization header using Bearer token format:
Authorization: Bearer YOUR_API_KEY
Examples
cURL
curl -X GET "https://api.ditchcarbon.com/v1/suppliers" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json"
JavaScript
fetch('https://api.ditchcarbon.com/v1/suppliers', {
method: 'GET',
headers: {
'Authorization': 'Bearer YOUR_API_KEY',
'Content-Type': 'application/json'
}
})
.then(response => response.json())
.then(data => console.log(data));
Python
import requests
url = "https://api.ditchcarbon.com/v1/suppliers"
headers = {
"Authorization": "Bearer YOUR_API_KEY",
"Content-Type": "application/json"
}
response = requests.get(url, headers=headers)
data = response.json()
Ruby
require 'net/http'
require 'uri'
require 'json'
uri = URI.parse('https://api.ditchcarbon.com/v1/suppliers')
request = Net::HTTP::Get.new(uri)
request['Authorization'] = 'Bearer YOUR_API_KEY'
request['Content-Type'] = 'application/json'
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == 'https') do |http|
http.request(request)
end
data = JSON.parse(response.body)
Error Responses
If authentication fails, you'll receive one of these error responses:
Missing API Key
{
"error": {
"type": "authentication_error",
"message": "Missing API key. Please include your API key in the Authorization header."
}
}
Invalid API Key
{
"error": {
"type": "authentication_error",
"message": "Invalid API key. Please check your API key and try again."
}
}