Authentication

How to authenticate

Every request to MailerLite API should have HTTP header containing a valid API key that we use to authenticate the account:

X-MailerLite-ApiKey - your account's API key.

API key can be obtained from Integrations page when you are logged into the MailerLite application (screenshot below) or just simply click here.

Where to find API key?

❗️
Usage of a key on a client side
When you make a request to API from a client side, you should see a similar message on your browser's console:
Request header field x-mailerlite-apikey is not allowed by Access-Control-Allow-Headers in preflight response
API key is designed for server-side usage and it cannot be used directly on the client side making AJAX calls because it will be exposed publicly. So it is forbidden due to security concerns.

Authenticated request example

curl -v https://api.mailerlite.com/api/v2 \
-H "X-MailerLite-ApiKey: {replace-it-with-your-api-key}"
-H "Content-Type: application/json"

Authentication errors

You might get errors described below when authentication fails. You can read more about response and errors in this page.

{
  "error": {
    "code": 1,
    "message": "Unauthorized"
  }
}

{
  "error": {
    "code": 302,
    "message": "API-Key Unauthorized"
  }
}

How to authenticate

❗️Usage of a key on a client side

Authenticated request example

Authentication errors

❗️
Usage of a key on a client side