Skip to main content
Every request to The Hog API — except the public health endpoint — requires authentication. Use the API key and API secret from the Credentials page in your dashboard. Send the public API key as X-Access-Key and the API secret as X-Secret-Key.
Keep your API keys and secret keys secure. Never expose them in client-side code, public repositories, or logs. If a key is compromised, rotate it immediately from your account settings.

Headers

X-Access-Key: ak_xxxxxxxxxxxxxxxx
X-Secret-Key: sk_xxxxxxxxxxxxxxxx
Do not use the Authorization header for dashboard-created API credentials.

Example request

curl -X POST https://developer.thehog.ai/api/v1/companies/search \
  -H "X-Access-Key: ak_xxxxxxxxxxxxxxxx" \
  -H "X-Secret-Key: sk_xxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{"query": "Salesforce", "limit": 5}'

Authentication errors

Status codeMeaningWhat to check
401 UnauthorizedMissing or invalid credentialsVerify your API key and API secret are correct and have not been revoked.
403 ForbiddenValid credentials but insufficient permissionsYour key does not have access to this endpoint or resource. Check your plan and permissions.
All error responses follow a consistent shape: 
{
  "statusCode": 401,
  "error": "Unauthorized",
  "message": "Invalid or missing authentication credentials",
  "path": "/api/v1/companies/search",
  "requestId": "01HZXAMPLE000000000000000",
  "timestamp": "2025-06-01T12:00:00.000Z"
}
Every API response includes an X-Request-Id header. Include this value when contacting support — it lets the team trace your specific request.

Next steps

Once you can authenticate successfully, follow the quickstart to make your first company search, find people, and enrich a contact.