Skip to main content

Authentication

All Fribl API requests require authentication via an API key, with the exception of the Skills Search endpoints which are publicly accessible.

API key

Include your API key in the X-API-KEY header with every request: 
curl -X POST https://api-service.fribl.co/api/v1/cvs/analyze \
  -H "X-API-KEY: your-api-key-here" \
  -H "Content-Type: application/json" \
  -d '{"inputs": ["CV text content here"]}'
Your API key is a UUID (e.g., a1b2c3d4-e5f6-7890-abcd-ef1234567890). Contact Fribl to obtain your key.

Accept-Language header

Optionally, include the Accept-Language header to receive skill names and analysis output in your preferred language: 
curl -X GET https://api-service.fribl.co/api/v1/cvs/{id} \
  -H "X-API-KEY: your-api-key-here" \
  -H "Accept-Language: fr"
Defaults to en (English) when not specified. See Supported Languages for all available language codes.

Error responses

Requests with a missing or invalid API key receive a 401 Unauthorized response: 
{
  "error": "Invalid API Key."
}

Security best practices

Never expose your API key in client-side code, public repositories, or browser requests. Always call the Fribl API from your backend server.
  • Store API keys in environment variables or a secrets manager
  • Rotate keys periodically
  • Use separate keys for development and production environments