Skip to main content

API Key Authentication

The PeopleContext API uses API keys to authenticate requests. Include your API key in the Authorization header as a Bearer token.
Keep your API key secure! Never commit it to version control or expose it in client-side code.

Making Authenticated Requests

Include your API key in the Authorization header: 
import requests

headers = {
    "Authorization": "Bearer your_api_key_here",
    "Content-Type": "application/json"
}

response = requests.post(
    "https://api.peoplecontext.com/v1/person/enrich",
    headers=headers,
    json={"github": "torvalds", "websets": ["github"]}
)

Environment Variables

Store your API key in environment variables to keep it secure: 
PEOPLE_CONTEXT_API_KEY=your_api_key_here

Error Responses

401 Unauthorized

Missing API key: 
{
  "detail": "Missing API key. Include 'Authorization: Bearer <key>' header."
}
Invalid or revoked API key: 
{
  "detail": "Invalid or revoked API key."
}

403 Forbidden

Organization is inactive: 
{
  "detail": "Organization is inactive."
}

429 Too Many Requests

Rate limit exceeded (1000 requests per minute): 
{
  "detail": "Rate limit exceeded. Try again in 42 seconds."
}
Monthly quota limit exceeded: 
{
  "detail": "Monthly request limit exceeded."
}

Rate Limits

Rate Limit: 1,000 requests per minute per API key
Exceeding this limit will result in HTTP 429 (Too Many Requests) responses with a Retry-After header.

Quota Tracking

All authenticated API responses include headers to help you monitor your monthly quota usage:
HeaderDescription
X-Quota-UsedNumber of requests used in the current billing period
X-Quota-LimitTotal requests allowed in your plan
X-Quota-RemainingNumber of requests remaining

Example Response Headers

HTTP/1.1 200 OK
X-Quota-Used: 2847
X-Quota-Limit: 10000
X-Quota-Remaining: 7153
Use these headers to track your usage programmatically and avoid hitting your monthly quota limit.

Best Practices

  • Never hardcode API keys in your source code
  • Use environment variables or secret management systems
  • Rotate keys regularly
  • Use different keys for development and production
  • Implement exponential backoff for rate limit errors
  • Cache responses when possible
  • Monitor the rate limit headers
  • Always check response status codes
  • Implement retry logic for transient errors (500, 503)
  • Handle rate limits gracefully