Skip to content

Authentication

All partner API endpoints are authenticated with an API key.

This API is intended for server-to-server use by approved partner systems. Do not expose partner API keys in browser code, mobile apps, or other client-side distributions.

How to obtain an API key

API keys are issued by Legiqo as part of partner onboarding. This is not a self-service signup flow.

For API access, pricing, and onboarding, contact contact@legiqo.com.

Header format

Send your key in the X-API-Key header:

X-API-Key: <your-api-key>

Example request

curl -X POST "https://api.test.checkname.ch/v1/conflicts/search" \
  -H "X-API-Key: <your-api-key>" \
  -H "Content-Type: application/json" \
  -d '{"name":"Alpen Data AG"}'

Key management recommendations

  • Use separate keys per environment and per consuming service.
  • Rotate keys regularly and immediately after suspected exposure.
  • Log key identifier metadata, not full key values.
  • Treat partner API keys as backend integration secrets, not end-user credentials.

Authentication failures

  • 401 Unauthorized: missing or invalid API key.
  • 403 Forbidden: key valid but not allowed for the target endpoint or scope.