ReddGrow DocsAuthentication
All AEO API requests use an API key passed in the x-api-key header.
Authentication
How it works
Every request to /v1/aeo/* must include an API key in the x-api-key request header:
curl -H "x-api-key: rg_YOUR_KEY" https://api.reddgrow.ai/v1/aeo/meAPI keys are prefixed with rg_. If your key doesn't start with rg_, it was not issued for the AEO API.
Plan requirement
AEO API access requires a Pro plan. API keys issued to organizations on the Starter or Growth plan will authenticate successfully (key is recognized) but will receive HTTP 402 Payment Required on every /v1/aeo/* request.
To upgrade: app.reddgrow.ai/settings/billing
Creating and managing keys
- Go to Settings → API Keys in app.reddgrow.ai
- Click Create key and give it a descriptive name
- Copy the key immediately — it is shown only once at creation time
From the same page you can view all active keys, see their last-used timestamp, rename them, and revoke them. Revoking a key takes effect within seconds and permanently invalidates all requests using that key.
Error responses
| Status | Cause |
|---|---|
401 Unauthorized | The x-api-key header is missing or the key value is invalid/revoked |
402 Payment Required | Key is valid but the organization is not on the Pro plan |
Error response shape:
{ "statusCode": 401, "message": "Invalid API key" }Security
Never put your API key in query parameters. The x-api-key header keeps it out of server logs and browser history. Query parameter keys appear in URLs and get stored in access logs, proxy caches, and browser history.
Never put your API key in client-side JavaScript. Keys in frontend bundles are publicly visible to anyone who inspects the page source. Always make AEO API calls from your server or backend.
Use environment variables. Reference your key as REDDGROW_API_KEY in your application config and load it at runtime. Do not hardcode it in source files.
export REDDGROW_API_KEY=rg_your_key_here
curl -H "x-api-key: $REDDGROW_API_KEY" https://api.reddgrow.ai/v1/aeo/meUse one key per environment. Create separate keys for development, staging, and production. This lets you rotate or revoke one environment's key without affecting others.
In CI/CD: Store the key in your secrets manager (GitHub Actions repository secrets, AWS Secrets Manager, etc.) and inject it as an environment variable at build time.