Getting started

Authentication

All API requests require a valid API key passed as a Bearer token in the Authorization header.

Bearer Token

Include your API key in every request using the Authorization header:

Header

Authorization: Bearer gtm_live_your_key

curl -X POST https://api.gtmcli.com/v1/validate \
  -H "Authorization: Bearer gtm_live_your_key" \
  -H "Content-Type: application/json" \
  -d '{"email":"test@example.com"}'

How to Get Your Key

1. Sign up or log in at app.gtmcli.comm.

2. Go to Settings → API Keys.

3. Click Create Key. Your key will start with gtm_live_.

4. Copy and store the key securely. It will only be shown once.

TIP

Store your API key in an environment variable and reference it from server-side code. Never hard-code keys in your source.

WARNING

Never expose your API key in client-side code, public repos, or frontend bundles. Use environment variables and server-side requests only.

Error Codes

Status CodeMeaningWhat to Do

401Missing or invalid API keyCheck that your Authorization header includes a valid key starting with gtm_live_

402Insufficient creditsPurchase more credits or upgrade your plan at app.gtmcli.comm

429Rate limit exceededBack off and retry after the time indicated in the Retry-After header

Rate Limit Headers

Every response includes rate limit headers so you can monitor your usage:

HeaderDescription

X-RateLimit-LimitMaximum requests allowed per window

X-RateLimit-RemainingRequests remaining in current window

X-RateLimit-ResetUnix timestamp when the window resets

Retry-AfterSeconds to wait before retrying (only on 429)