Authentication
All requests to the Progress Public API must include your API key in the X-API-Key request header.
Getting an API key
- Log in to the Progress admin dashboard.
- Open Settings → API Keys.
- Click the + button, give the key a name, and copy the generated key. It looks like
pk_xxxxxxxxxxxxxxxxxxxxxxxxxxxx.
Heads up: Save the key somewhere safe — it grants full access to create, update, and delete trainees in your company.
Using the key
Every request needs the header:
X-API-Key: pk_xxxxxxxxxxxxxxxxxxxxxxxxxxxxExample — create a trainee
curl -X POST 'https://api.progress-workout.com/public-api/trainees' \
-H 'X-API-Key: pk_xxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
-H 'Content-Type: application/json' \
-d '{
"name": "Israel Israeli",
"email": "[email protected]",
"phoneNumber": "+972501234567",
"password": "Pa55word!"
}'For a more thorough walk-through, see the Quick Start.
Errors
A quick summary — see the Errors page for the full reference.
| Status | When |
|---|---|
401 Missing X-API-Key header | The header wasn't sent. |
401 Invalid X-API-Key | The key is wrong, disabled, or deleted. |
Revoking a key
If a key is exposed, open Settings → API Keys in the admin, find the key, and click the trash icon. The key stops working immediately on every server instance. Active key values are visible in the admin UI, so you can rotate without contacting support.
Updated about 1 hour ago