Authentication is managed using HTTP authentication (only “Basic” is supported right now). Every request must include the Authorization HTTP header. Use your API token as the username, and “X” (or some otherwise bogus text) as the password (only the API token is used for authenticating API requests).

EU Hosted Customers accounts should use instead of We advise making all calls to your Teamwork account over SSL. If you have any security concerns or questions just drop us an email to

If you go to the reference docs, there is a authentication call you can follow there. This call will show you how to pass in your api key to get back your unique site details. All calls need the api key to be passed in as a header value in order to work.

Take a look at our references - Authentication call.


If you have any feedback or suggestions, feel free to contact us at