Fetch Developer Identifiers
Your first API call after onboarding — retrieve the credentials you need for every subsequent request
Returns the api_key, organization details, team members, and brands associated with your developer key. Only requires your developer_secret — no api_key, org_id, or member_id needed.
Requires a valid `developer_secret` in the JSON request body. Requests must originate from a whitelisted IP address. No `api_key` required — this endpoint returns it.
Tip:
This should be the first API call you make after completing developer onboarding. The response gives you every identifier you need to call other Zyntro APIs — your `api_key`, the `org_id`, each team member's `member_id`, and all `brand_id` values. Store these values in your application config so you do not need to call this endpoint repeatedly.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
developer_secret |
body | string |
Yes | Your developer secret (zdk_XXX). Issued once during onboarding — if lost, your client must revoke the key and re-onboard you. |
Info:
This is the only public API endpoint that does not require `api_key`. Your developer secret alone is enough — the API resolves your client's account from the key and returns the `api_key` along with all other identifiers you need.
Request Body
Content-Type: application/json
Schema
json
{
"developer_secret": "string (required)"
}Example
json
{
"developer_secret": "YOUR_DEVELOPER_SECRET"
}Code Samples
bash
curl -X POST https://app.zyntrohq.com/apis/v2/public/developers/fetchIdentifiers \
-H "Content-Type: application/json" \
-d '{
"developer_secret": "YOUR_DEVELOPER_SECRET"
}'
php
$response = file_get_contents(
'https://app.zyntrohq.com/apis/v2/public/developers/fetchIdentifiers',
false,
stream_context_create([
'http' => [
'method' => 'POST',
'header' => 'Content-Type: application/json',
'content' => json_encode([
'developer_secret' => 'YOUR_DEVELOPER_SECRET',
]),
],
])
);
$data = json_decode($response, true);
// Store these for all subsequent API calls
$apiKey = $data['data']['api_key'];
$orgId = $data['data']['organization']['org_id'];
$brands = $data['data']['brands'];
javascript
const response = await fetch(
'https://app.zyntrohq.com/apis/v2/public/developers/fetchIdentifiers',
{
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
developer_secret: 'YOUR_DEVELOPER_SECRET',
}),
}
);
const { data } = await response.json();
// Store these for all subsequent API calls
const apiKey = data.api_key;
const orgId = data.organization.org_id;
const members = data.members;
const brands = data.brands;Response
200
Identifiers retrieved successfully. The response includes all values needed for subsequent API calls.
json
{
"data": {
"brands": [
{
"brand_id": 1,
"brand_name": "Acme Corp"
},
{
"brand_id": 2,
"brand_name": "Acme Pro"
}
],
"api_key": "UYUJH-XXXXXXXXXXXX-XXXXXXXXXXXX-XXXXX",
"members": [
{
"name": "Jane Smith",
"role": "admin",
"email": "[email protected]",
"is_admin": 1,
"job_title": "CEO",
"member_id": "f2470c7f-60b1-4491-b117-8ba0e3e2a53b"
},
{
"name": "Alex Johnson",
"role": "member",
"email": "[email protected]",
"is_admin": 0,
"job_title": "Marketing Manager",
"member_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
}
],
"organization": {
"org_id": "42cc1aca-3aa5-4339-98d2-480b5b89937b",
"org_name": "Acme Corp"
}
},
"status": "success"
}
403
Authentication failed — invalid credentials or non-whitelisted IP.
json
{
"data": "Invalid developer_secret",
"status": "error"
}Errors
| Code | Message | Resolution |
|---|---|---|
MISSING_DEVELOPER_SECRET |
Missing developer_secret The `developer_secret` field is missing or empty. |
Include the developer secret (zdk_XXX) you received during onboarding. |
INVALID_DEVELOPER_SECRET |
Invalid developer_secret The developer secret does not match any active developer key. |
Verify your secret. If lost, your client must revoke the key and create a new one through the developer onboarding process. |
IP_NOT_WHITELISTED |
IP address not whitelisted The request came from an IP address that is not in your developer key's allowed list. |
Contact your client to add your current IP address to the key's whitelist. You specified allowed IPs during onboarding — if your IP has changed, the whitelist needs updating. |
Rate Limits
Rate limits are based on your client's subscription plan and apply across all v2 public endpoints.
- Plan 1 (Starter): 3 requests/minute, 35/hour, 300/day
- Plan 2 (Growth): 5 requests/minute, 50/hour, 500/day
- Plan 3 (Pro): 10 requests/minute, 500/hour, 2,000/day
- Plan 4 (Enterprise): 20 requests/minute, 1,000/hour, 5,000/day
Important:
Call this endpoint once and cache the results. The identifiers it returns — api_key, org_id, member_ids, brand_ids — do not change unless the client modifies their account structure. There is no need to call this before every API request.
Tip:
**Typical integration flow:**
1. Complete developer onboarding and receive your `developer_secret`
2. Call `fetchIdentifiers` with just your `developer_secret` to get `api_key`, `org_id`, `member_id`, and `brand_id` values
3. Store these in your application's environment config
4. Use `api_key` + `developer_secret` together in all subsequent API calls (fetchContact, updateFieldData, lookupContact, etc.)
5. If an API returns an authentication error, call `fetchIdentifiers` again to check if any values have changed
1. Complete developer onboarding and receive your `developer_secret`
2. Call `fetchIdentifiers` with just your `developer_secret` to get `api_key`, `org_id`, `member_id`, and `brand_id` values
3. Store these in your application's environment config
4. Use `api_key` + `developer_secret` together in all subsequent API calls (fetchContact, updateFieldData, lookupContact, etc.)
5. If an API returns an authentication error, call `fetchIdentifiers` again to check if any values have changed
