Skip to main content
Every request is authenticated with an organisation API key, sent in the x-api-key header.
curl https://api.dyspach.com/v1/org/quote/getQuote \
  -H "x-api-key: dzk_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{ ... }'

Creating a key

1

Open Settings → API Keys

In the Dyspach portal, go to Settings → API Keys and choose Create new key.
2

Copy the key immediately

The full key (dzk_live_…) is shown once, at creation. Copy it and store it in your secrets manager right away.
For security, only a hashed form of the key is retained — the full key cannot be retrieved after creation. If it is lost or compromised, revoke it and issue a replacement.
3

Use it as x-api-key

Send the key in the x-api-key header on every request.

Key handling

Shown once

Only the key’s prefix (e.g. dzk_live_7fe18dc) is shown afterward, for identification.

Hashed at rest

The server stores only a SHA-256 hash of the key.

Multiple keys

Create several keys (e.g. per integration) and revoke individually.

Revocable

Revoke a key from Settings → API Keys at any time; it stops working immediately.

Errors

401 Unauthorized
Missing or invalid key
Sent when the x-api-key header is absent or does not match an active key. Make sure you copied the full key, not the prefix.
See Errors for the full list.