Overview
API Key and Authentication
To access the Tomba.io API, you must authenticate every request using a unique API key and secret. These credentials are required for all endpoints and ensure that your usage is tracked correctly.
🔒 Important: Your API key and secret identify your account keep them safe. Do not share them publicly or embed them in frontend code.
You can generate, regenerate, or revoke your API keys at any time from your API Keys 🔑 .
Required Authentication Headers
Include the following headers in every request:
Field | Header Name | Location |
---|---|---|
API Key | X-Tomba-Key | header |
Secret | X-Tomba-Secret | header |
Example usage in curl
:
curl -X GET "https://api.tomba.io/v1/domain-search?domain=example.com" \ -H "X-Tomba-Key: your_api_key" \ -H "X-Tomba-Secret: your_secret_key"bash