The Fireflies API implements token-based authentication, which ensures that only authorized users can access certain data and functionalities.

Token-Based Authentication

We use a standard bearer token authentication mechanism. This means that to make authorized requests to the API, you must include an Authorization header with a valid token.

Acquiring a Token

Follow these steps to obtain your API key for the Fireflies API:

  1. Log in to your account at fireflies.ai
  2. Navigate to the Integrations section
  3. Click on Fireflies API
  4. Copy and store your API key securely

Making an Authenticated Request

To make an authenticated request, add the Authorization header followed by the word Bearer and your API key.

Example of an Authenticated Request Header

Authorization: Bearer your_api_key

Example request with Authorization header

 curl \
   -X POST \
   -H "Content-Type: application/json" \
   -H "Authorization: Bearer your_api_key" \
   --data '{ "query": "{ user { name integrations } }" }' \

Ensure to replace your_api_key with your actual API key.

Best Practices for Token Security

  • Keep it Secret: Treat your API key like a password. Never expose it in client-side code or share it publicly.
  • Store Securely: Store the API key securely in your application, ideally in environment variables or secure storage solutions.

Improper handling of API keys can lead to security vulnerabilities. Always ensure API keys are used and stored securely.


  • Invalid key: If you receive an error regarding an invalid API key, verify that the API key hasn’t expired and that it’s correctly included in the request header.
  • Missing key: Ensure that the Authorization header is present in your requests requiring authentication.

If you encounter issues with authentication or have questions about API key management, please contact our support team.

Additional Resources