Welcome to Tomba Docs! Create a free Tomba accountand gain instant access to 400+ million contacts!
Overview

API Key and Authentication

To access the Tomba.io API, you must authenticate every request using a unique API key and secret. These credentials are required for all endpoints and ensure that your usage is tracked correctly.

🔒 Important: Your API key and secret identify your account keep them safe. Do not share them publicly or embed them in frontend code.

You can generate, regenerate, or revoke your API keys at any time from your API Keys 🔑 .

Required Authentication Headers

Include the following headers in every request:

FieldHeader NameLocation
API KeyX-Tomba-Keyheader
SecretX-Tomba-Secretheader

Example usage in curl:

curl -X GET "https://api.tomba.io/v1/domain-search?domain=example.com" \
     -H "X-Tomba-Key: your_api_key" \
     -H "X-Tomba-Secret: your_secret_key"
bash