Authentication Overview

The Extend API uses Bearer token authentication for all API requests. You’ll need to include your API token in the Authorization header of each request.

Obtaining an API Token

  1. Navigate to the Extend Developer Settings
  2. Create a new API key or copy an existing one

Important: Keep your API tokens secure and never share them publicly. Rotate them regularly and immediately if they’re ever compromised.

Example Auth Header

POST
/workflow_runs
1curl -X POST https://api-prod.extend.app/workflow_runs \
2     -H "x-extend-api-version: 2025-04-21" \
3     -H "Authorization: Bearer <token>" \
4     -H "Content-Type: application/json" \
5     -d '{
6  "workflowId": "workflow_BMdfq_yWM3sT-ZzvCnA3f"
7}'

Error Handling

If authentication fails, you’ll receive a 401 Unauthorized response. Common causes include:

  • Missing the Authorization header
  • Invalid token format
  • Expired or revoked token
  • Insufficient permissions for the requested resource