Skip to main content

How to use the Ezus API

This guide takes you from zero to your first successful authenticated request.

Written by Ezus team


1. Getting Started

The Ezus API lets you read and write your Ezus data (projects, clients, suppliers, products, steps…) from your own tools.

To start using the EZUS API, you'll need:

  • An active EZUS Premium account

  • An API Key

  • A Bearer Token

Our technical documentation provides detailed information about all available endpoints, parameters, and request examples.

👾 EZUS API Documentation: https://api.ezus.io/

💡 The API is available exclusively with the Premium plan and above.



2. Get your API Key

Most routes require an API key for authentication. You can find your API key directly from your Ezus workspace.

Go to: Settings → Developer on https://pro.ezus.io/settings

🚨 An API key is private and must stay confidential. Be careful who has access to it and where it is stored.



3. Understand the endpoints and methods

Study the endpoints (URLs) you can interact with and the HTTP method you need for each:

  • GET — retrieve information

  • POST — add or modify information

  • PUT / PATCH — modify existing data

  • Webhooks — trigger an action on a specific event​


4. Authentication

The EZUS API uses a secure two-step authentication process.


1. API Key

Include your API Key in the header of every request:

x-api-key: YOUR_API_KEY

Identifies your integration. It's static, created once in your settings, and sent with every request.



2. Bearer Token

Authenticate your user by calling the /login endpoint.

You will receive a Bearer Token, valid for 12 hours, which must be included in requests requiring authentication:

Authorization: Bearer YOUR_TOKEN

When your token expires, simply request a new one by calling the /login endpoint again.

ℹ️ What is a Bearer Token?

A Bearer Token is a temporary security token that proves your identity to the EZUS API.

After logging in through the /login endpoint using your EZUS credentials, the API returns a Bearer Token. This token must then be included in the Authorization header of your requests:

Authorization: Bearer YOUR_TOKEN

The server verifies that the token is valid before granting access to your data.


Why use a Bearer Token?

This authentication method offers several advantages:

  • Enhanced security: your password is never sent with every request.

  • Limited lifetime: the token automatically expires after 12 hours, reducing security risks if it is compromised.

  • Better performance: once authenticated, you can make multiple API requests without logging in again.

When your Bearer Token expires, simply call the /login endpoint to obtain a new one.

Think of it as a building: the x-api-key is your badge to enter the building, and the Bearer Token is the key to the rooms inside. You need both.

The full flow looks like this:

Settings → API       →   copy your x-api-key 
POST /login (+ x-api-key) → receive a Bearer Token (valid 12h)
Any request (+ both) → access your data
Token expired? → call /login again for a new one

You can send your requests using a tool like Postman or a programming language like Python. Include your API key in the request headers as required by the documentation.

📚 To know more about Postman : Use Postman for your calls on Ezus API

Log in to get a Bearer Token Call the /login endpoint with your API key and your Ezus credentials. You'll receive a Bearer Token valid for 12 hours.

curl -X POST https://api.ezus.io/login \   
-H "x-api-key: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"email": "[email protected]","password": "YOUR_EZUS_PASSWORD"}'

Example response:

{   "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6..." }

Copy the returned token — you'll pass it as your Bearer Token in the next step.



5. Generate the responses

Every request that accesses your data must include both headers: your API key and your Bearer Token.

curl 
-X GET https://api.ezus.io/projects \
-H "x-api-key: YOUR_API_KEY" \
-H "Authorization: Bearer YOUR_TOKEN"


Choose the right method for what you want to do:

GET — Retrieve information (e.g. list your projects)

POST — Create new data (e.g. a new project or supplier)

PUT / PATCH — Modify existing data

Webhooks — Trigger an action on a specific event (e.g. a project is created)

The exact URL for each action (its "route"), the parameters it accepts, and the data it returns are all listed in the API documentation: https://api.ezus.io/

Responses come back in JSON.
Parse the response and extract the fields your application needs.

A typical list response looks like this:

{   
"data": [
{ "reference": "PRJ-001", "title": "Peru Discovery", "budget": 4200 },
{ "reference": "PRJ-002", "title": "Iceland Roadtrip", "budget": 3100 } ]
}

💡 Always check the HTTP status code before parsing: 2xx means success, 4xx means something is wrong with your request.



Troubleshooting

  • Authentication errors

If you receive a 401 Unauthorized or 403 Forbidden error, verify that:

  • your API Key (x-api-key) is valid;

  • your Bearer Token has not expired (valid for 12 hours);

  • both authentication headers are included whenever required.

If necessary, generate a new token through the /login endpoint.

  • Rate limiting

To ensure platform stability, the EZUS API applies rate limiting.

If you receive a 429 Too Many Requests error, reduce the frequency of your requests or implement a retry with exponential backoff before trying again.

Did this answer your question?