How to authenticate

Every request to MailerLite API should have HTTP header containing a valid API key that we use to authenticate the account:

X-MailerLite-ApiKey - your account's API key.

API key can be obtained from Integrations page when you are logged into the MailerLite application (screenshot below) or just simply click here.

Where to find API key?


Usage of a key on a client side

When you make a request to API from a client side, you should see a similar message on your browser's console:

Request header field x-mailerlite-apikey is not allowed by Access-Control-Allow-Headers in preflight response

API key is designed for server-side usage and it cannot be used directly on the client side making AJAX calls because it will be exposed publicly. So it is forbidden due to security concerns.

Authenticated request example

curl -v \
-H "X-MailerLite-ApiKey: {replace-it-with-your-api-key}"
-H "Content-Type: application/json"

Authentication errors

You might get errors described below when authentication fails. You can read more about response and errors in this page.

  "error": {
    "code": 1,
    "message": "Unauthorized"
  "error": {
    "code": 302,
    "message": "API-Key Unauthorized"