Authentication
Welcome to the Weezly Outreach API. Let's get started with a quick setup on how to authenticate your requests.
Finding your API key
The first step when using the Weezly Outreach API is authenticating your requests with an API key.
The API key is used to authenticate the incoming requests and map them to your account.
API keys never expire, however they can be deleted and deactivated.
Go to Settings → API in the app to create and manage your API keys. Keys are prefixed with sk_live_.
How to authenticate
After you have your API key, you will need to provide it in every request that you make to the Weezly Outreach API. You will need to add the X-API-KEY request header to every request and set your API key as the value.
X-API-KEY: sk_live_YOUR_API_KEYTest your API key
Once you have your API key, you can check if it's working by sending the following request. If everything is working properly, you should get a 200 HTTP status code.
curl --location --request GET 'http://outreach.weezly.com/api/auth/me' \
--header 'X-API-KEY: sk_live_YOUR_API_KEY'{
"id": "1234",
"name": "John Smith",
"email": "john@example.com",
"plan": "growth"
}Example requests
Get all lead lists
curl --location --request GET 'http://outreach.weezly.com/api/leads/lists' \
--header 'X-API-KEY: sk_live_YOUR_API_KEY'Create a campaign
curl --location --request POST 'http://outreach.weezly.com/api/campaigns' \
--header 'X-API-KEY: sk_live_YOUR_API_KEY' \
--header 'Content-Type: application/json' \
--data '{
"name": "Q2 Outreach",
"leadListId": "cm3list789abc"
}'Rate Limits
The API allows a maximum of 300 requests per minute. All requests are attributed to the same limit regardless of endpoint.
Going above the limit will return a 429 HTTP status code and an error.
Authentication Errors
| Code | Cause |
|---|---|
| 401 | Missing X-API-KEY header |
| 401 | Invalid API key (typo, wrong key) |
| 401 | Deleted or deactivated API key |
| 429 | Rate limit exceeded (300 requests/minute) |
API Key Management
You can also manage API keys programmatically via the API.
List API Keys
/api/api-keysList all API keys for the authenticated user.
curl --location --request GET 'http://outreach.weezly.com/api/api-keys' \
--header 'X-API-KEY: sk_live_YOUR_API_KEY'{
"keys": [
{
"id": "cm3key_001",
"name": "Production Integration",
"prefix": "sk_live_a1",
"key": "sk_live_a1b2c3d4e5f6...",
"lastUsedAt": "2026-06-07T08:00:00.000Z",
"createdAt": "2026-05-20T10:00:00.000Z"
},
{
"id": "cm3key_002",
"name": "Zapier Webhook",
"prefix": "sk_live_f7",
"key": "sk_live_f7e8d9c0b1a2...",
"lastUsedAt": null,
"createdAt": "2026-06-01T14:00:00.000Z"
}
]
}Create API Key
/api/api-keysCreate a new API key. Maximum 10 keys per user.
Request Body
| Parameter | Type | Description |
|---|---|---|
namerequired | string | A descriptive name for the key (e.g. "Production", "Zapier") |
curl --location --request POST 'http://outreach.weezly.com/api/api-keys' \
--header 'X-API-KEY: sk_live_YOUR_API_KEY' \
--header 'Content-Type: application/json' \
--data '{
"name": "Production Integration"
}'{
"key": {
"id": "cm3key_new003",
"name": "Production Integration",
"key": "sk_live_9f8e7d6c5b4a3f2e1d0c9b8a7f6e5d4c",
"prefix": "sk_live_9f",
"createdAt": "2026-06-07T10:00:00.000Z"
}
}Response Codes
| 201 | API key created |
| 400 | Name is required / Maximum 10 keys reached |
| 401 | Unauthorized |
Delete API Key
/api/api-keys/:idPermanently delete an API key. Any integrations using this key will immediately stop working.
curl --location --request DELETE 'http://outreach.weezly.com/api/api-keys/cm3key_001' \
--header 'X-API-KEY: sk_live_YOUR_API_KEY'{ "ok": true }Response Codes
| 200 | API key deleted |
| 404 | API key not found |
| 401 | Unauthorized |
Security: Treat API keys like passwords. Never expose them in client-side code, public repositories, or logs. Store them in environment variables. If a key is compromised, delete it immediately in Settings → API and create a new one.