Blueticks

Authentication

How to obtain and use a Blueticks API key.

The Blueticks API uses bearer-token authentication. Every request must include a valid API key in the Authorization header.

Obtaining a key

  1. Open app.blueticks.co/blueticks-api and sign in if prompted.
  2. Click Create key. Copy the value immediately — you won't see it again.

Using a key

HTTP

GET /v1/account HTTP/1.1
Host: api.blueticks.co
Authorization: Bearer BLUETICKS_API_KEY

GET /v1/account is the simplest authenticated call — use it to verify a key works and to read back the workspace it belongs to:

curl -X GET 'https://api.blueticks.co/v1/account' \  -H 'Authorization: Bearer BLUETICKS_API_KEY'
import blueticksbt = blueticks.Blueticks(api_key="BLUETICKS_API_KEY")result = bt.account.retrieve()
import { Blueticks } from 'blueticks';const bt = new Blueticks({ apiKey: 'BLUETICKS_API_KEY' });const result = await bt.account.retrieve();
use Blueticks\Blueticks;$bt = new Blueticks(['apiKey' => 'BLUETICKS_API_KEY']);$result = $bt->account->retrieve();
require "blueticks"client = Blueticks::Client.new(api_key: "BLUETICKS_API_KEY")result = client.account.retrieve()
import (	"context"	blueticks "github.com/serenix-com/blueticks-go")client, _ := blueticks.NewClient(blueticks.WithAPIKey("BLUETICKS_API_KEY"))result, _ := client.Account.Retrieve(context.Background())

SDKs

All five official SDKs read BLUETICKS_API_KEY from the environment as a default. You can also pass a key explicitly at construction time:

from blueticks import Blueticks
client = Blueticks(api_key="BLUETICKS_API_KEY")
import { Blueticks } from "blueticks";
const client = new Blueticks({ apiKey: "BLUETICKS_API_KEY" });
use Blueticks\Blueticks;
$client = new Blueticks(['apiKey' => 'BLUETICKS_API_KEY']);
require "blueticks"
client = Blueticks::Client.new(api_key: "BLUETICKS_API_KEY")
import blueticks "github.com/serenix-com/blueticks-go"

client, err := blueticks.NewClient(blueticks.WithAPIKey("BLUETICKS_API_KEY"))

Rotating keys

  1. In the dashboard, create a new key.
  2. Roll the new key out across your fleet.
  3. Revoke the old key from the dashboard once you've confirmed traffic has moved.

Revoked keys return 401 authentication_required on every request.

Key format

Keys are bearer tokens that look like bt_live_.... Treat the full key as a secret — never commit it or expose it client-side. If you need to identify a key in logs, log only its first few characters.

To verify a key works, call GET /v1/ping — it requires a valid key and returns the account_id it belongs to plus the WhatsApp engines currently connected.

Quickstart

Install the Blueticks SDK for your language, authenticate, and make your first call.

Errors & retries

How the Blueticks API reports failures and how your client should respond.

On this page

Obtaining a keyUsing a keyHTTPSDKsRotating keysKey format