# Introduction

### Getting Started

{% hint style="info" %}
**Note:** To use our APIs, you need to have an [XtraKit account](https://xtrakit.com). On the XtraKit dashboard, we will generate any API for you.
{% endhint %}

## Overview

Our APIs are designed to integrate seamlessly with your systems and applications. This document serves as a comprehensive reference for all the features accessible to you through our APIs for adding and fetching data. It's designed around the primary resources you'll need most frequently and is made with RESTful standards in mind.

### HTTP Methods <a href="#api-basics-1" id="api-basics-1"></a>

<table data-card-size="large" data-view="cards"><thead><tr><th></th><th></th></tr></thead><tbody><tr><td><mark style="color:yellow;"><strong><code>POST</code></strong></mark></td><td>To add new business data to the system, use this request.</td></tr><tr><td><mark style="color:green;"><strong><code>GET</code></strong></mark></td><td>To add and retrieve business data from the system, use this request.</td></tr><tr><td><mark style="color:purple;"><strong><code>PUT</code></strong></mark></td><td>To update an existing business record in the system, use this request.</td></tr><tr><td><mark style="color:red;"><strong><code>DELETE</code></strong></mark></td><td>To remove business records from the system, use this request. Removal is permanent.</td></tr></tbody></table>

## Authentication

Place your API key in the Authorisation header of each request you make to ensure the authenticity of your API calls. From your [API settings](https://app.xtrakit.com/settings/apis) page, you can manage your API key.

However, the API key must remain confidential. You can reset your API key or, if you think it has been compromised for any reason, change it from the [API settings](https://app.xtrakit.com/settings/apis) page.

The following format should be used for authorisation headers:

`Authorization: Bearer API_KEY`

{% hint style="info" %}
**Sample Authorization Header**

Authorization: Bearer 92857043717beff382ae75c8dc7514162f04
{% endhint %}

```php
curl -H "Authorization: Bearer API_KEY" \
     https://api.xtrakit.com/api/v1/user/authenticate
```

## Requests and Response <a href="#authentication-1" id="authentication-1"></a>

The format of the response and request payloads is JSON. Responses will always have `application/json` as their content type. Each response will typically follow this format:

## Response Formats

| Response | Data type | Description                                                                                      |
| -------- | --------- | ------------------------------------------------------------------------------------------------ |
| status   | number    | The HTTP status code indicating a status operation.                                              |
| message  | string    | This gives you detailed explaination on the request sent. The interpretation of the status code. |
| data     | object    | An object holding any data that the API returned after receiving the request.                    |

## **Status Codes and Interpretation**

| Status Code | Interpretation                                            |
| ----------- | --------------------------------------------------------- |
| `200`       | Standard for successful request.                          |
| `201`       | Used for requests as a result of creation.                |
| `204`       | Indicates that a request has succeeded or been processed. |
| `400`       | For bad requests.                                         |
| `401`       | For unathorized.                                          |
| `402`       | For payment required.                                     |
| `404`       | For not found.                                            |
| `500`       | For internal server errors.                               |