Skip to main content
To securely access and interact with Gumloop’s API, authentication is required. Users must generate an API Key, which will be used to authenticate requests. Each workspace has a separate API Key which can be generated under the workspace settings where all of the other workspace credentials are found.
Generating an API key is only available on the Solo plan & above.

Personal vs Workspace API Keys

Gumloop offers two types of API keys for triggering flows via webhook:
API key selection dropdown showing Personal and Workspace options

Your Individual Key

Your personal API key is tied to your individual account.Characteristics:
  • Only you should have access to this key
  • Can only trigger flows for yourself (your user_id)
  • Uses your personal credentials by default
  • Available on Solo plan and above
Best for:
  • Personal automations
  • Testing and development
  • Flows where you’re the only user

How Credentials Are Resolved

When a flow is triggered via API, the credentials used depend on two factors:
  1. The project_id parameter in your request
  2. The “Credentials to use” setting on each node in the flow
Request ParametersNode SettingCredentials Used
user_id onlyPersonal DefaultUser’s personal credentials
user_id + project_idPersonal DefaultUser’s personal credentials
user_id + project_idWorkspace DefaultWorkspace credentials
Key insight: The API key type (personal vs workspace) controls who can trigger the flow. The node’s “Credentials to use” setting controls which credentials are used during execution.
Workspaces are available on Team plan and above. If you’re on a Solo plan, you’ll only have access to personal API keys and personal credentials.

Generating an API Key

1

Navigate to Credentials

Visit the credentials page to access your workspace credentials page.
2

Generate Your API Key

Generate your unique API Key from the credentials section. This key is essential for making authenticated requests to Gumloop’s API.
Your API Key has been successfully generated! Make sure to store it securely.

Using the API Key

With your API Key, you must include it in the headers of every request to the API. The API Key should be sent as an Authorization Bearer token.

Authentication Header Format

Authorization: Bearer YOUR_API_KEY_HERE

Code Examples

Below are examples of how to include the API Key in requests using different programming languages. 
curl -X POST \
  https://api.gumloop.com/api/v1/start_pipeline \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer [INSERT API KEY HERE]" \
  -d '{
    "user_id": "xxxxxxxxxxxxxx",
    "saved_item_id": "xxxxxxxxxxxxxx"
  }'

Troubleshooting

If you receive a 401 error:
  1. Verify your API key is correct
  2. Ensure the API key is included in the Authorization header
  3. Check that the header format is: Authorization: Bearer YOUR_API_KEY
  4. Confirm your API key hasn’t been revoked or regenerated
If your API key isn’t working:
  1. Verify you’re on the Solo plan or above
  2. Check that you copied the entire API key without extra spaces
  3. Ensure you’re using the correct workspace’s API key
  4. Try regenerating your API key if issues persist

Next Steps

Getting Started

Learn how to make your first API call with Gumloop

Start Automation

Discover how to trigger and run your automations via API

Python SDK

Use our Python SDK for easier integration

JavaScript SDK

Use our JavaScript SDK for easier integration