Authentication - Notra Documentation

Notra API requests are authenticated with API keys.

How It Works

curl -H "Authorization: Bearer YOUR_API_KEY" \
  "https://api.usenotra.com/v1/posts"

Name	Type	Scheme	Environment Variable
`bearerAuth`	`http`	HTTP Bearer	`NOTRA_BEARER_AUTH`

Create an API Key

Open your workspace dashboard.
Go to API Keys under Developer.
Click Create API Key.
Choose a name, permission, and optional expiration.
Copy the key and store it securely.

API keys are powered by Unkey.

Error Handling

const response = await fetch("https://api.usenotra.com/v1/posts", {
  headers: { Authorization: `Bearer ${process.env.NOTRA_API_KEY}` },
});

if (!response.ok) {
  const error = await response.json();
  console.error(error.error); // e.g. "Missing or invalid API key"
}

Security Best Practices

Treat API keys as secrets. Do not expose them in client-side code, public repositories, or logs.

Store your key in a server-side environment variable such as NOTRA_BEARER_AUTH and make requests from your backend whenever possible.

If a key is exposed, delete it immediately by going to API Keys under the Developer section of your dashboard sidebar.

CachingCache paginated Notra post data safely, including sorting and invalidation patterns.

How It Works
Create an API Key
Error Handling
Security Best Practices

Routes

​How It Works

​Create an API Key

​Error Handling

​Security Best Practices

How It Works

Create an API Key

Error Handling

Security Best Practices