Hello, what can we do for you?

Endpoints, authentication, and request/response schemas for fetching live mortgage rate data programmatically.

Scroll To

Other articles

See more

Authentication

Avatar
Jimmy King
  • Updated
Follow

Every request must include your API key in the x-api-key HTTP request header. There is no OAuth flow or token exchange — pass the key directly on every call.

// Authentication Header
const headers = {
  "Content-Type": "application/json",
  "x-api-key": "uL6aLuwfcq1dUvEZTq3Gv2O0KgorNbYXXXXXXXX"
};

Security Best Practice: Never hard-code your API key in client-side or front-end code. Store it as an environment variable or in a secrets manager (e.g., AWS Secrets Manager, HashiCorp Vault) and inject it server-side at runtime.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request
Return to top

Comments

0 comments

Please sign in to leave a comment.

Articles in this section

    Related articles

    Comments

    0 comments

    Please sign in to leave a comment.