Authentication - Referralful

The API uses HTTP Basic authentication. Pass your API secret as the username and leave the password empty. This is the same scheme Rewardful uses, so existing clients work without changes.

Get your API key

Create a key in your dashboard at Developers → API keys (referralful.com/dashboard/developers). The secret is shown once. Keys look like rfl_live_… and are tied to one program.

Treat your secret like a password. It grants full access to your program’s data. If a key leaks, revoke it in the dashboard and create a new one.

Send the key

With curl, pass the secret to -u followed by a colon (empty password):

curl https://api.referralful.com/v1/affiliates \
  -u rfl_live_your_secret_here:

Or set the Authorization header yourself (base64 of secret:):

curl https://api.referralful.com/v1/affiliates \
  -H "Authorization: Basic $(printf 'rfl_live_your_secret_here:' | base64)"

A Bearer token is also accepted as a convenience:

curl https://api.referralful.com/v1/affiliates \
  -H "Authorization: Bearer rfl_live_your_secret_here"

Errors

A missing or invalid key returns 401:

{ "error": "Invalid API key." }

Introduction Pagination

⌘I

​Get your API key

​Send the key

​Errors

Get your API key

Send the key

Errors