Skip to main content
Notra API requests are authenticated with API keys.

How It Works

curl -H "Authorization: Bearer YOUR_API_KEY" \
  "https://api.usenotra.com/v1/posts"
NameTypeSchemeEnvironment Variable
bearerAuthhttpHTTP BearerNOTRA_BEARER_AUTH

Create an API Key

  1. Open your workspace dashboard.
  2. Go to API Keys under Developer.
  3. Click Create API Key.
  4. Choose a name, resource permissions, and optional expiration.
  5. Copy the key and store it securely.
API Keys page in the Notra dashboard API keys are powered by Unkey.

Permissions

API keys can be scoped per resource. Grant Read when a key only needs to fetch data, Write when it needs to create, update, or delete that resource, and None when the key should not access the resource. Available resources:
  • Posts
  • Brand identities
  • Integrations
  • Schedules
  • Chats
  • Skills
Legacy keys with the older api.read and api.write permissions continue to work. New keys use the resource-specific scopes.

Error Handling

const response = await fetch("https://api.usenotra.com/v1/posts", {
  headers: { Authorization: `Bearer ${process.env.NOTRA_API_KEY}` },
});

if (!response.ok) {
  const error = await response.json();
  console.error(error.error); // e.g. "Missing or invalid API key"
}

Security Best Practices

Treat API keys as secrets. Do not expose them in client-side code, public repositories, or logs.
Store your key in a server-side environment variable such as NOTRA_BEARER_AUTH and make requests from your backend whenever possible.
If a key is exposed, delete it immediately by going to API Keys under the Developer section of your dashboard sidebar.
Last modified on July 6, 2026