Authentication

Authenticate your API requests using a Bearer token passed in the Authorization header.

Bearer token authentication

All API endpoints require authentication. Include your API token in the Authorization header as a Bearer token with every request:

Authorization: Bearer your_api_key_here

curl https://app.nashra.ai/api/subscribers \
  -H "Authorization: Bearer your_api_key_here"

Go to Settings

Open Settings > API Tokens from your Nashra dashboard.

Create a new token

Click Create Token and give it a descriptive name — for example, "Website Integration" or "Zapier Connection."

Set expiration (optional)

Choose whether the token should expire after a set period, or leave it with no expiry.

Copy your token

Your token is displayed once after creation. Copy it immediately and store it securely. You will not be able to see it again.

Your API token is shown only once when it is created. If you lose it, you will need to create a new one.

When creating a token, you can optionally set an expiration date. Tokens without an expiration remain valid until you delete them.

To revoke a token at any time, go to Settings > API Tokens and delete it.

Always use HTTPS — All API requests must be made over HTTPS. The API does not accept HTTP connections.
Do not share your token — Treat your API key like a password. Do not commit it to version control or share it in public code.
Use separate tokens — Create different tokens for different integrations so you can revoke one without affecting others.
Rotate tokens regularly — Delete old tokens and create new ones periodically.
Revoke compromised tokens immediately — If you suspect a token has been exposed, delete it from your settings right away and create a new one.

Was this page helpful?

Last updated Mar 2, 2026