API Key Authentication
Most API requests require authentication via theX-Api-Key HTTP header. Keys are scoped to your organisation and grant access to every endpoint your plan permits. The company profile lookup (GET /api/companies/{id}) is public so details_url links can be resolved without a key.
Get your API key
Sign in to the Jobo Enterprise Dashboard and
navigate to Settings → API Keys. You can create multiple keys — one per
environment or service — and revoke any key at any time.
Add the header to every request
Include
X-Api-Key: YOUR_API_KEY in every request. The key must be sent as
an HTTP header — query-parameter authentication is not supported.Base URL
Environments
Jobo Enterprise exposes one production API host. All documented API paths are
relative to this base URL.
| Surface | URL | Purpose |
|---|---|---|
| Production API | https://connect.jobo.world | Live job data and customer API traffic |
SDK Authentication
Pass your API key when you instantiate the client — the SDK handles the header for every subsequent call.Response Headers
Every successful API response includes headers that help you monitor your usage and stay within limits.Credit Headers
Credits are deducted based on the endpoint and plan. Credit headers are present when wallet metering occurs or when a request is rejected for insufficient credits:| Header | When | Description |
|---|---|---|
X-Credits-Deducted | debit | Number of credits consumed by this request. |
X-Credits-Balance | debit / 402 | Your wallet balance after the debit or failed precheck. |
X-Credits-Required | 402 only | Credits the request would have needed when balance is too low. |
Rate-Limit Headers
Rate limits are applied per API key. When you approach or exceed your limit, use these headers to implement backoff:| Header | Type | Description |
|---|---|---|
X-RateLimit-Limit | integer | Maximum requests allowed per window |
X-RateLimit-Remaining | integer | Requests remaining in the current window |
X-RateLimit-Reset | integer | Unix epoch timestamp when the window resets |
Security Best Practices
- Store API keys in environment variables or a secrets manager (e.g. AWS Secrets Manager, HashiCorp Vault)
- Rotate keys periodically from the dashboard — revoked keys are rejected immediately
- Use separate keys for development, staging, and production
- Monitor usage in the dashboard to detect anomalies and unexpected spikes
- Apply the principle of least privilege — only create keys that your service actually needs
Error Responses
401 Unauthorized — Missing or Invalid Key
If your API key is missing, malformed, or revoked, you’ll receive:403 Forbidden — Insufficient Permissions
If your key is valid but your plan does not include the requested endpoint:429 Too Many Requests — Rate Limit Exceeded
If you exceed your per-key rate limit:Troubleshooting
I'm getting 401 Unauthorized on every request
I'm getting 401 Unauthorized on every request
My requests work in cURL but fail in my application
My requests work in cURL but fail in my application
- Ensure your HTTP client is not stripping custom headers — some frameworks require explicit allow-listing.
- Double-check that you’re using HTTPS, not HTTP.
- If you’re behind a corporate proxy, confirm it forwards the
X-Api-Keyheader untouched.
I'm hitting 429 Too Many Requests
I'm hitting 429 Too Many Requests
- Read the
X-RateLimit-Resetheader and wait until that timestamp before retrying. - Implement exponential backoff with jitter in your retry logic.
- If you consistently hit limits, consider upgrading your plan or contacting support for a rate-limit increase.
My credits are depleting faster than expected
My credits are depleting faster than expected
- Review the
X-Credits-Deductedheader on metered responses to audit usage. - Check current rates on jobo.world/pricing.
- Monitor your wallet and billing settings in the dashboard.
I need to rotate my API key without downtime
I need to rotate my API key without downtime
- Create a new key in the dashboard.
- Deploy the new key to your services.
- Once all traffic uses the new key, revoke the old one.
Need Help?
WhatsApp Support
Chat with our team for fast, real-time assistance.
Email Support
Reach us at support@jobo.world for account or billing queries.

