Skip to main content
GenRank API access is provisioned by the GenRank team as part of your Scale plan onboarding. You do not generate credentials yourself through a self-serve dashboard — instead, your API key and endpoint details are delivered to you once your integration has been configured and your account is ready. This approach exists because every GenRank API setup is tailored: your endpoint, your tracked brand configuration, your custom output fields. Provisioning credentials manually ensures your integration is verified and correctly scoped before you start sending requests.
Your specific API key, base URL, and endpoint details are provided by GenRank during onboarding. If you have not yet started the process, contact GenRank to get set up on the Scale plan.

How authentication works

The GenRank API uses Bearer token authentication. Every request must include your API key in the Authorization header as a Bearer token. Requests without a valid token are rejected with a 401 Unauthorized response.

Required headers

Authorization
string
required
Your API key passed as a Bearer token. Format: Bearer YOUR_API_KEY.
Content-Type
string
required
Must be application/json for all requests.

Example authenticated request

The following example shows how to structure an authenticated request using cURL. Replace YOUR_API_KEY with the key provided during your onboarding. 
curl -X GET "https://api.genrank.io/v1/mentions" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"
The same pattern applies in any HTTP client or SDK. Here are equivalent examples in Python and JavaScript: 
import requests

headers = {
    "Authorization": "Bearer YOUR_API_KEY",
    "Content-Type": "application/json"
}

response = requests.get("https://api.genrank.io/v1/mentions", headers=headers)
data = response.json()

Credential delivery

When your GenRank Scale plan is set up and your API integration is configured, you receive:
  • Your API key — a secret token that authenticates your requests
  • Your base URL — the endpoint specific to your account configuration
  • Integration notes — any custom fields, parameters, or request patterns specific to your setup
Store these details securely. If you lose access to your key or need to rotate it, contact GenRank support.

Keeping your API key secure

Never commit your API key to version control. If your key is exposed in a public repository or shared accidentally, contact GenRank immediately to have it rotated.
Follow these practices to keep your credentials safe:
  • Store your API key in environment variables, not hardcoded in source files
  • Use a secrets manager (such as AWS Secrets Manager, HashiCorp Vault, or GitHub Secrets for CI/CD) to inject the key at runtime
  • Restrict access to the environment variable or secret to only the services that need it
  • Never log the full Authorization header or print your key to console output
  • Rotate your key periodically, or immediately if you suspect it has been compromised
# Store your key in an environment variable
export GENRANK_API_KEY="your_api_key_here"

# Reference it in requests
curl -X GET "https://api.genrank.io/v1/mentions" \
  -H "Authorization: Bearer $GENRANK_API_KEY" \
  -H "Content-Type: application/json"

Authentication errors

If your request is not properly authenticated, the API returns a 401 Unauthorized response. Common causes include:
  • Missing Authorization header
  • Malformed token (e.g., using Token instead of Bearer)
  • Expired or revoked API key
  • Using a key from a different account or environment
If you are consistently receiving authentication errors after confirming your header format is correct, contact GenRank support to verify that your key is active and properly scoped to your account.