Authentication - Nozle Routing

All Nozle Routing API endpoints require authentication via an API key passed in the X-API-Key header.

Getting an API Key

Contact us at rohan.iyer@nozlerouting.com to request a key. Keys are issued per partner and can be rate-limited or revoked independently.

Making Authenticated Requests

Include your API key in the X-API-Key header on every request:

curl -X POST https://api.nozlerouting.com/v1/routes \
  -H "X-API-Key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"origin": "...", "destination": "..."}'

Errors

Requests without a valid API key receive a 403 Forbidden response:

{
  "error_code": "AUTHENTICATION_FAILED",
  "message": "Invalid or missing API key",
  "request_id": "req_..."
}

Security Best Practices

Never commit API keys to version control or expose them in client-side code. Use environment variables or secret management systems.

Store API keys in environment variables, not source code
Use different keys for development and production environments
Rotate keys periodically
Contact us immediately if you suspect a key has been compromised

Quickstart: integrate the Nozle API in minutes Data model: what you provide and what we compute