Authentication - Bulkgrid

Bulkgrid uses API key authentication on every current endpoint.

Send the API key in `x-api-key`

curl https://your-bulkgrid-base-url/api/v1/search \
  -H 'Content-Type: application/json' \
  -H 'x-api-key: bg_live_your_api_key' \
  -d '{"query":"release notes"}'

Recommended environment variables

export BULKGRID_API_KEY='bg_live_your_api_key'
export BULKGRID_BASE_URL='https://your-bulkgrid-base-url'

What to avoid

Do not expose Bulkgrid API keys in browser code.
Do not treat the key as a bearer token.
Do not assume proxies preserve custom headers unless you control that path.

Common failures

`401 Unauthorized`

This usually means the x-api-key header is missing, malformed, or invalid. Example error shape:

{
  "error": "Unauthorized"
}

Requests work locally but fail in production

Check these first:

the deployed service is using the right environment variables
the request is being sent to the correct Bulkgrid base URL
no gateway, CDN, or proxy is stripping x-api-key

Recommended integration pattern

Call Bulkgrid from your backend or worker layer, not directly from the browser.

Playground Quickstart First Search Request

Documentation Index

​Send the API key in x-api-key

​Recommended environment variables

​What to avoid

​Common failures

​401 Unauthorized

​Requests work locally but fail in production

​Recommended integration pattern