Authentication

API Key Authentication

The TexAu V3 API uses API key authentication. Every request must include your API key in the x-api-key HTTP header.

curl https://v3-api.texau.com/api/v1/health \
  -H "x-api-key: YOUR_API_KEY"

Getting Your API Key

API keys are issued to enterprise customers. Visit texau.com or contact your account manager to get started.

Once provisioned, treat your key like a password:

• Never commit it to source control — use environment variables
• Never expose it in client-side code — proxy requests through your backend
• Rotate it immediately if you suspect it has been compromised

Making Authenticated Requests

curl -X POST https://v3-api.texau.com/api/v1/enrich_profile \
  -H "x-api-key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://www.linkedin.com/in/satyanadella"}'

import requests

API_KEY = "YOUR_API_KEY"  # or os.environ["TEXAU_API_KEY"]
BASE_URL = "https://v3-api.texau.com/api/v1"

response = requests.post(
    f"{BASE_URL}/enrich_profile",
    headers={
        "x-api-key": API_KEY,
        "Content-Type": "application/json",
    },
    json={"url": "https://www.linkedin.com/in/satyanadella"},
)
print(response.json())

const API_KEY = process.env.TEXAU_API_KEY!;
const BASE_URL = "https://v3-api.texau.com/api/v1";

const response = await fetch(`${BASE_URL}/enrich_profile`, {
  method: "POST",
  headers: {
    "x-api-key": API_KEY,
    "Content-Type": "application/json",
  },
  body: JSON.stringify({ url: "https://www.linkedin.com/in/satyanadella" }),
});

const data = await response.json();

const fetch = require("node-fetch"); // or built-in fetch in Node 18+

const res = await fetch("https://v3-api.texau.com/api/v1/enrich_profile", {
  method: "POST",
  headers: {
    "x-api-key": process.env.TEXAU_API_KEY,
    "Content-Type": "application/json",
  },
  body: JSON.stringify({ url: "https://www.linkedin.com/in/satyanadella" }),
});
const data = await res.json();

Authentication Errors

Error response body:

{ "message": "Forbidden" }

The Health Endpoint (No Auth Required)

The /health endpoint does not require authentication. Use it to verify connectivity or in uptime checks:

curl https://v3-api.texau.com/api/v1/health
# {"status": "ok", "apis": 30}

Environment Variables

Store your API key in an environment variable — never hard-code it:

# .env (add to .gitignore)
TEXAU_API_KEY=texau_live_xxxxxxxxxxxxxxxx

import os
API_KEY = os.environ["TEXAU_API_KEY"]

This API uses OpenAPI to describe endpoints, parameters, and responses. The reference is generated from openapi.yaml, so keep that file up to date as your API evolves.

Authentication

Use a bearer token in the Authorization header for authenticated requests. Replace the base URL and token with values for your own API.

curl https://api.example.com/v1/example \
  -H "Authorization: Bearer YOUR_TOKEN"

Keep OpenAPI in sync

Define your authentication and base settings in openapi.yaml so the API Reference stays accurate and consistent.

At a minimum, you should:

• Define one or more security schemes that describe how clients authenticate (for example, bearer token, API key in a header, or other scheme).
• Reference those security schemes on operations that require authentication so they are clearly marked as secured.
• Set the correct base URL and any required global headers (for example, versioning or tenant headers) so example requests are copy-pasteable.

When your real authentication flow changes (for example, new header names, token formats, or additional requirements), update openapi.yaml. The generated API Reference will then reflect your current auth model without needing to edit each endpoint page by hand.

Using the API reference

Use the API Reference to explore endpoints, required parameters, and example responses. When you change authentication headers or base URLs, update openapi.yaml so the generated reference matches what your clients should use.

Common mistakes