Authentication

All API requests to Passage Connect and Passage Platform require authentication via API keys. The authentication model is the same for both products.

API keys

API keys are scoped to an app and grant access to all resources owned by that app.

Using your API key

Include your API key in the Authorization header:


Authorization: Bearer YOUR_API_KEY

Key management

Keys are created and managed through the Platform Service
Each app can have multiple active keys
Keys can be revoked without affecting other keys

Public endpoints

Some endpoints do not require an API key:

POST /link/claim — Used by the client SDK to claim a link
POST /webhook_verification_key/get — Fetch the public key for webhook verification

Next steps

Connect Quickstart — Get started with account linking
Platform Quickstart — Get started with session control
Connect API — Connect endpoint docs
Platform API — Platform endpoint docs

Last updated on February 27, 2026

Home Error Codes