Authentication

The Linkt API uses API key authentication. All requests must include a valid API key in the request headers.

Getting Your API Key

Log in to your Linkt Dashboard
Navigate to Settings > API Keys
Click Create API Key
Give your key a descriptive name (e.g., "Production API Key")
Copy and securely store your API key

Store Your Key Securely

Your API key is only displayed once when created. Store it securely in a password manager or secrets vault. If you lose your key, you'll need to generate a new one.

Using Your API Key

Include your API key in the x-api-key header with every request:

from linkt import Linkt
 
# Uses LINKT_API_KEY environment variable by default
client = Linkt()
 
# Or provide API key explicitly
# client = Linkt(api_key="your_api_key_here")
 
# List ICPs
icps = client.icp.list()
 
# Create an ICP
new_icp = client.icp.create(
    name="Enterprise SaaS Companies",
    description="B2B software companies",
    entity_targets=[
        {
            "entity_type": "company",
            "description": "B2B SaaS companies with 100+ employees"
        }
    ]
)

Installing the SDK

pip install linkt-sdk

Security Best Practices

Environment Variables

Never hardcode API keys in your source code. Use environment variables:

# .env file (do not commit to version control)
LINKT_API_KEY=your_api_key_here

The SDK automatically reads the LINKT_API_KEY environment variable:

from linkt import Linkt
 
# Automatically uses LINKT_API_KEY environment variable
client = Linkt()

Server-Side Only

API keys should only be used in server-side code. Never expose your API key in:

Client-side JavaScript
Mobile app source code
Public repositories
Browser developer tools

Key Rotation

Periodically rotate your API keys for enhanced security:

Create a new API key in the dashboard
Update your application to use the new key
Verify the new key works correctly
Delete the old API key

Rate Limits

The Linkt API implements rate limiting to ensure fair usage.

Plan	Requests per Minute	Requests per Day
Free	60	1,000
Pro	300	10,000
Enterprise	Custom	Custom

Rate Limit Headers

Responses include headers indicating your rate limit status:

X-RateLimit-Limit: 60
X-RateLimit-Remaining: 45
X-RateLimit-Reset: 1704456000

Handling Rate Limits

When you exceed the rate limit, the API returns a 429 Too Many Requests response:

{
  "error": "rate_limit_exceeded",
  "message": "Rate limit exceeded. Please retry after 60 seconds.",
  "retry_after": 60
}

The Linkt SDK automatically handles rate limiting with exponential backoff. If you're using raw HTTP requests, implement exponential backoff manually:

import time
import requests
 
def make_request_with_retry(url, headers, max_retries=3):
    for attempt in range(max_retries):
        response = requests.get(url, headers=headers)
 
        if response.status_code == 429:
            retry_after = int(response.headers.get("Retry-After", 60))
            time.sleep(retry_after)
            continue
 
        return response
 
    raise Exception("Max retries exceeded")

Authentication Errors

Status Code	Error	Description
`401`	`unauthorized`	Missing or invalid API key
`403`	`forbidden`	API key lacks permissions
`429`	`rate_limit_exceeded`	Too many requests

Organization Scope

API keys are scoped to your organization. All resources created with an API key are automatically associated with your organization.

ICPs, Sheets, Tasks, and Runs are organization-scoped
Team members with API access can view and manage shared resources
API keys do not provide cross-organization access

Next Steps

Quickstart Guide - Create your first workflow
API Reference - Explore all endpoints
Core Concepts - Understand the data model

On this page