Onsidian API

Authentication

How to authenticate with the Onsidian API

All API requests require authentication via API key or request signature, depending on the endpoint.

Vendor API key

Most ingestion endpoints authenticate via a vendor API key passed in the Authorization header:

Authorization: Bearer <vendor-api-key>

The API key identifies the vendor and determines how the payload is parsed.

Internal service key

Some endpoints (e.g., lead lookups) require an internal service key for service-to-service communication.

Twilio signature

SMS webhook endpoints validate requests using Twilio's request signature to ensure they originate from Twilio.

Onsidian API

API reference for api.onsidian.com

Error Handling

Standard error response format for all API endpoints

On this page

Vendor API keyInternal service keyTwilio signature