Skip to main content
Events APIs use HTTP Basic Authentication. Include this header in every request:
Authorization: Basic <base64(api_key:)>
The API key goes in the username field of HTTP Basic Auth. The password is always empty — note the trailing colon before Base64 encoding.

Required Header

  • Authorization: Basic followed by Base64 of api_key: (API key + colon, empty password).

Where to find your API key

  • Dashboard path: Workspace Settings → API Keys
  • Create or manage keys in the Zixflow dashboard for your workspace.

Encoding example

# API key: ws_abc123
echo -n "ws_abc123:" | base64
# → d3NfYWJjMTIzOg==

Example request

curl -X POST "https://api-events.zixflow.com/v1/track" \
  -H "Authorization: Basic d3NfYWJjMTIzOg==" \
  -H "Content-Type: application/json" \
  -d '{"userId": "user_123", "event": "Button Clicked"}'

Auth error responses

HTTP StatusReason
401 UnauthorizedMissing, invalid, or unrecognised API key
503 Service UnavailableAuth cache temporarily unavailable
See Events Errors for the full error response shape.
Do not use messaging ingest headers (x-api-key, x-workspace-id) with Events APIs. Those apply only to api-ai.zixflow.com.