API Key Types

Quick Reference
Which Key Do I Need?
Common Errors
401 Unauthorized
403 Forbidden
How to Get Your Keys
Marketplace API Key
Advanced API Key
Security Best Practices
Key Permissions Scope
Marketplace API Key
Advanced API Key

Topsort uses two types of API keys for different purposes.

Quick Reference

Key Type	Created In	Use For	Typical User
Marketplace API Key	Topsort Admin → Settings	Auctions, Events, Catalog, Reporting	Your backend servers
Advanced API Key	Vendor Dashboard	Campaign management for one vendor	Vendor’s own tools

Which Key Do I Need?

Endpoint	Key Type
`POST /v2/auctions`	Marketplace
`POST /v2/events`	Marketplace
`POST /v2/products`	Marketplace
`GET /public/v1/reporting-service/*`	Marketplace
`POST /public/v1/campaign-service/*`	Either (scoped to vendor if Advanced key)
`GET /public/v1/billing-service/*`	Marketplace

Common Errors

401 Unauthorized

{
  "error": "Unauthorized",
  "message": "Invalid or missing API key"
}

Causes:

API key not included in Authorization header
Key is malformed or expired
Using Advanced key on Marketplace-only endpoint

Fix: Verify header format: Authorization: Bearer YOUR_API_KEY

403 Forbidden

{
  "error": "Forbidden", 
  "message": "Insufficient permissions"
}

Causes:

Using Advanced key for endpoint that requires Marketplace key
Advanced key trying to access different vendor’s data

Fix: Use Marketplace API key for cross-vendor operations

How to Get Your Keys

Marketplace API Key

Access Topsort Admin

Navigate to API Settings

Go to Settings → API Integration

Create API Key

Click “Generate API key” and select “Marketplace API key”

Copy and Store

Copy the key immediately and store it securely (it’s only shown once)

Advanced API Key

Access Vendor Dashboard

Navigate to API Settings

Go to Settings → API Access

Generate Key

Click “Generate Key” to create your Advanced API key

Copy and Store

Copy the key and store it securely in your environment variables

Security Best Practices

Never commit keys to version control
Store keys in environment variables
Rotate keys regularly
Use different keys for different environments (dev, staging, production)
Restrict key access to only necessary team members

Key Permissions Scope

Marketplace API Key

Full access to all marketplace operations
Can create and manage campaigns for any vendor
Access to all reporting data
Required for auction and event endpoints

Advanced API Key

Limited to specific vendor’s data
Can only manage campaigns for the associated vendor
Cannot access other vendors’ information
Ideal for vendor-specific integrations

Last updated: 2026-01-05

Authentication Handling Errors

⌘I

General

Auction examples

Webhook examples

Auctions

Events

Toptimize

Toppie API

Campaign API

Catalog API

Billing API

Reporting API

Invitation API

User API

Webhooks API

Assets API

Segments Service

Offsite Ads API

Forecasting Service

Media API

API Reference

Quick Reference

Which Key Do I Need?

Common Errors

401 Unauthorized

403 Forbidden

How to Get Your Keys

Marketplace API Key

Advanced API Key

Security Best Practices

Key Permissions Scope

Marketplace API Key

Advanced API Key

General

Auction examples

Webhook examples

Auctions

Events

Toptimize

Toppie API

Campaign API

Catalog API

Billing API

Reporting API

Invitation API

User API

Webhooks API

Assets API

Segments Service

Offsite Ads API

Forecasting Service

Media API

API Reference

​Quick Reference

​Which Key Do I Need?

​Common Errors

​401 Unauthorized

​403 Forbidden

​How to Get Your Keys

​Marketplace API Key

​Advanced API Key

​Security Best Practices

​Key Permissions Scope

​Marketplace API Key

​Advanced API Key

Quick Reference

Which Key Do I Need?

Common Errors

401 Unauthorized

403 Forbidden

How to Get Your Keys

Marketplace API Key

Advanced API Key

Security Best Practices

Key Permissions Scope

Marketplace API Key

Advanced API Key