Theme

API reference

Authentication

This page covers how to authenticate your API requests using your HLC access token. Keep your credentials secure and rotate tokens regularly.

Authentication mechanism:

  • HLC Access Token (ApiKey): This token is generated in the HLC B2B site and is supported across API versions. Pass the token in the Authorization header as shown below and as explained in the security page.

Header format

Use your access token in every request:

const apiKey = process.env.HLC_API_KEY

const res = await fetch('https://api.hlc.bike/us/v4.1/Catalog/Brands', {
  headers: {
    Authorization: `ApiKey ${apiKey}`,
    language: 'en',
  },
})

const brands = await res.json()

Security Note

Do not expose your ApiKey in client-side applications. Keep it in secure server-side environment variables.

Previous
Error codes
Next
Catalog