Authentication
All requests to CekatAI Open API require authentication using a Bearer token.
Authentication Method
Authentication: Use Bearer token in the Authorization header.
All API requests must include:
Authorization: Bearer YOUR_API_KEY
Making Authenticated Requests
curl -X GET "https://api.cekat.ai/api/inboxes" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json"
Getting Your API Key
Navigate to Settings
Go to Settings > API Keys in your CekatAI dashboard.
Generate New Key
Click Generate New Key and give it a descriptive name.
Copy and Store
Copy the key immediately — it won't be shown again for security reasons.
Use in Requests
Include the key in your API requests using the Bearer token method.
Example: List Inboxes
curl -X GET "https://api.cekat.ai/api/inboxes" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json"
Example: List Conversations
curl -X GET "https://api.cekat.ai/api/conversations?limit=10" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json"
Example: Get Contacts
curl -X GET "https://api.cekat.ai/api/contacts?limit=10" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json"
Error Responses
If authentication fails, you'll receive a 401 Unauthorized response:
{
"success": false,
"status_code": 401,
"error": {
"message": "Not authenticated"
}
}
Security Best Practices
Store API keys securely — never commit them to version control
Use environment variables to inject keys at runtime
Rotate keys periodically for enhanced security
Use read-only keys for systems that only need to read data
Monitor API usage in your dashboard for suspicious activity
Rate Limits
| Plan | Requests/minute | Requests/day |
|---|---|---|
| Free | 60 | 1,000 |
| Pro | 300 | 10,000 |
| Business | 1,000 | Unlimited |
Rate limit headers are included in every response:
X-RateLimit-Limit: Maximum requests per minuteX-RateLimit-Remaining: Remaining requests in current window