Sales Track Live API Docs

Authentication

Learn how to authenticate your API requests with Sales Track.

API Keys

All API requests require authentication using API keys. You'll need both an API Key and Secret Key to access our endpoints.

🔑 Getting Your API Keys

  1. Sign up for a Sales Track account
  2. Contact our support team to request API access
  3. Receive your unique API Key and Secret Key
  4. Keep your keys secure and never share them publicly

Request Headers

Include the following headers in every API request:

X-API-Key: your_api_key_here
X-Secret-Key: your_secret_key_here
Content-Type: application/json

Authentication Examples

JavaScript (Fetch)

const apiKey = 'your_api_key_here';
const secretKey = 'your_secret_key_here';

const response = await fetch('/api/integrations/crm/merchandisers', {
  method: 'GET',
  headers: {
    'X-API-Key': apiKey,
    'X-Secret-Key': secretKey,
    'Content-Type': 'application/json'
  }
});

const data = await response.json();

PHP (cURL)

<?php
$apiKey = 'your_api_key_here';
$secretKey = 'your_secret_key_here';

$curl = curl_init();
curl_setopt_array($curl, [
    CURLOPT_URL => '/api/integrations/crm/merchandisers',
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER => [
        'X-API-Key: ' . $apiKey,
        'X-Secret-Key: ' . $secretKey,
        'Content-Type: application/json'
    ]
]);

$response = curl_exec($curl);
$data = json_decode($response, true);
curl_close($curl);
?>

Python (Requests)

import requests

api_key = 'your_api_key_here'
secret_key = 'your_secret_key_here'

headers = {
    'X-API-Key': api_key,
    'X-Secret-Key': secret_key,
    'Content-Type': 'application/json'
}

response = requests.get('/api/integrations/crm/merchandisers', headers=headers)
data = response.json()

Security Best Practices

✅ Do

  • Store API keys in environment variables
  • Use HTTPS for all API requests
  • Rotate keys regularly
  • Monitor API usage for anomalies
  • Use server-side authentication

❌ Don't

  • Hardcode keys in client-side code
  • Share keys in public repositories
  • Send keys via URL parameters
  • Use keys in browser developer tools
  • Ignore SSL certificate warnings

Error Responses

When authentication fails, you'll receive one of these error responses:

// Missing API Key or Secret Key
{
  "error": "API key and secret key are required"
}

// Invalid credentials
{
  "error": "Invalid API credentials"
}

// Expired or disabled key
{
  "error": "API key has been disabled"
}

Need Help?

🔑

Get Your API Keys

Ready to start integrating? Contact our support team to get your API credentials.

Authentication Status

Not Authenticated

Get your API keys to start making requests

Need Help?