Skip to main content

Documentation Index

Fetch the complete documentation index at: https://gtmapis.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

API Key Format

GTMAPIs uses API keys for authentication. All API requests must include your API key in the X-API-Key header.

Key Types

gtm_test_1234567890abcdef1234567890abcdef
  • Test keys (gtm_test_*) - For development and testing
  • Live keys (gtm_live_*) - For production use
Never commit API keys to version control or expose them in client-side code. Store them as environment variables.

Making Authenticated Requests

Include your API key in the X-API-Key header with every request: 
curl -X POST https://api.gtmapis.com/v1/validate \
  -H "Content-Type: application/json" \
  -H "X-API-Key: gtm_test_your_key_here" \
  -d '{"email":"test@example.com"}'

Generating API Keys

1

Login to Dashboard

Go to gtmapis.vercel.app/dashboard
2

Navigate to API Keys

Click on API Keys in the sidebar
3

Create New Key

Click Generate New Key and choose test or live mode
4

Save Your Key

Copy the full key immediately - it’s only shown once!
API keys are stored as SHA-256 hashes for security. You’ll only see the full key once during creation.

API Key Security

Best Practices

Do:
  • Store API keys as environment variables
  • Use test keys for development
  • Rotate keys regularly
  • Use separate keys for different environments
  • Revoke compromised keys immediately
Don’t:
  • Commit keys to version control
  • Share keys in public forums or Slack
  • Use live keys in development
  • Expose keys in client-side JavaScript
  • Hardcode keys in your source code

Key Storage Example

# Store in .env file (never commit this!)
GTMAPIS_API_KEY=gtm_test_your_key_here

Rate Limits

Each API key has a rate limit of 1000 requests per minute. If you exceed this limit, you’ll receive a 429 Too Many Requests response: 
{
  "error": "Rate limit exceeded",
  "message": "You have exceeded the rate limit of 1000 requests per minute",
  "retry_after": 60
}
For higher rate limits, contact us at matt@closedwonleads.com

Error Responses

Invalid API Key

{
  "error": "Unauthorized",
  "message": "Invalid API key"
}

Missing API Key

{
  "error": "Unauthorized",
  "message": "X-API-Key header is required"
}

Expired or Revoked Key

{
  "error": "Unauthorized",
  "message": "API key has been revoked"
}

Next Steps

Make Your First Request

Try the API with your new key

API Reference

Explore all available endpoints