API Reference

Authentication

Learn how to authenticate with the izli.io API using API keys.

Authentication

All API requests require authentication via API keys. API keys provide secure, revocable access to your organization's resources.

Creating an API Key

Go to Settings in the sidebar. Scroll down to the API Keys section.

Create New Key

Enter a name for your key (e.g. CI/CD - Production) and click Create.

Each key name must be unique within your organization.

Copy Your Key

Copy the key immediately — it won't be shown again.

izli_agent_abc123xyz789...

API keys are shown only once when created. Store them securely. If lost, revoke the old key and create a new one.

Using API Keys

Authorization Header

Include your API key in the Authorization header:

curl -X GET https://api.izli.io/api/v1/monitors \
  -H "Authorization: Bearer izli_agent_abc123xyz789"

Request Example

const response = await fetch('https://api.izli.io/api/v1/monitors', {
  method: 'GET',
  headers: {
    'Authorization': 'Bearer izli_agent_abc123xyz789',
    'Content-Type': 'application/json',
  },
});

API Key Scopes

API keys are created with the agent scope by default, which grants access to:

CapabilityDescription
Run journeysTrigger and view journey runs
Run monitorsExecute monitor checks
View resultsAccess test results and reports
Upload artifactsSubmit trace files and screenshots

Key Security

Best Practices

  1. Set meaningful names — Use descriptive names like CI/CD - Production or Staging Tests
  2. Use environment variables — Never hardcode keys in source code
  3. Separate keys per environment — Different keys for staging, production, CI/CD
  4. Revoke unused keys — Review and clean up periodically
  5. Rotate regularly — Create new keys and revoke old ones

Environment Variables

Store keys in environment variables:

# .env (never commit this file)
IZLI_API_KEY=izli_agent_abc123xyz789
// Use in code
const apiKey = process.env.IZLI_API_KEY;

CI/CD Integration

# GitHub Actions
env:
  IZLI_API_KEY: ${{ secrets.IZLI_API_KEY }}

# GitLab CI
variables:
  IZLI_API_KEY: $IZLI_API_KEY

Revoking Keys

Revoke compromised or unused keys:

  1. Go to Settings in the sidebar
  2. Scroll to the API Keys section
  3. Click the trash icon next to the key

Revoked keys are immediately invalid. Any requests using them will fail with 401 Unauthorized.

Troubleshooting

401 Unauthorized

{
  "success": false,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid or missing API key"
  }
}

Causes:

  • Missing Authorization header
  • Incorrect key format (must be Bearer <KEY>)
  • Revoked or expired key

Duplicate Name Error

{
  "success": false,
  "error": {
    "code": "BAD_REQUEST",
    "message": "An API key with this name already exists"
  }
}

Solution: Use a unique name, or revoke the existing key with the same name first.

Testing Authentication

Verify your API key works:

curl -X GET https://api.izli.io/api/v1/monitors \
  -H "Authorization: Bearer YOUR_API_KEY"

A successful response returns your monitors:

{
  "success": true,
  "data": [...]
}

API Reference

Programmatically manage monitors, journeys, and alerts with the izli.io REST API.

API Endpoints

Complete reference for all izli.io API endpoints.

On this page

AuthenticationCreating an API KeyNavigate to SettingsCreate New KeyCopy Your KeyUsing API KeysAuthorization HeaderRequest ExampleAPI Key ScopesKey SecurityBest PracticesEnvironment VariablesCI/CD IntegrationRevoking KeysTroubleshooting401 UnauthorizedDuplicate Name ErrorTesting Authentication