Authentication
Every request authenticates with an API key sent as a bearer token. Create and rotate keys from your dashboard once you have access.
curl https://api.firstbuzzer.com/v1/me \
-H "Authorization: Bearer $FB_API_KEY" Key scopes
Keys are scoped so you only expose what you need:
| Scope | Grants |
|---|---|
live:read | WebSocket stream + webhook delivery of live events |
archive:read | Historical REST queries and bulk export |
sports | Restrict a key to specific sports/leagues |
Errors
A missing or invalid key returns 401; a key without the required scope returns 403. See Errors.
Security
- Keep keys server-side. Never ship a secret key in a browser or mobile bundle.
- Rotate keys from the dashboard; revoked keys stop working immediately.
- Use a separate key per environment and per integration.
Questions? Talk to us. Pre-launch — endpoints illustrate the shape of the API.