API reference

Authentication

Every API request needs an API key. Here's how to attach one.

Authentication on the Wemob API is simple: create an API key in the dashboard, put it in an Authorization header on every request, and you're done. There are no refresh tokens, no sessions, no OAuth dances. Just a bearer token.

Use an API key#

If you haven't already, create one from the dashboard — see API keys. Copy it somewhere safe the moment you create it; you can't see it again later.

The Authorization header#

Include the key in an Authorization header on every request, with the word Bearer in front:

terminalbash

1curl https://api.wemob.io/v2/apps \
2  -H "Authorization: Bearer YOUR_API_KEY"

Never in client-side code

API keys are powerful. Never put them in a website's JavaScript where a visitor could read them. Only use them on a server you control, or from your own local machine.

Common errors#

401 Unauthorized — you forgot the header, or it's malformed
403 Forbidden — the key is valid but doesn't have permission for this operation (for example, a key on a personal account trying to touch a team workspace)
404 Not Found — the resource doesn't exist, or your key can't see it
429 Too Many Requests — slow down; try again in a few seconds

← Previous

API overview

Apps

Last updated · April 11, 2026