Skip to main content

Overview

The iClosed.io V1 API is a RESTful API with organization-based rate limiting. All requests require authentication and an X-Org-Id header from the API Gateway authorizer.

Base URLs

  • Production: https://public.api.iclosed.io
  • Development: https://api-dev.iclosed.io
  • Local: http://localhost:4000

Authentication

All API requests require authentication using a Bearer token with the format iclosed-<token>. 
Authorization: Bearer iclosed-your-api-key-here

Rate Limiting

Per-account, per-action rate limits apply to all endpoints. When rate limits are exceeded, the API returns:
  • Status Code: 429 Too Many Requests
  • Response Headers:
    • RateLimit-Limit: Maximum requests allowed in the current window
    • RateLimit-Remaining: Requests remaining in the current window
    • RateLimit-Reset: ISO 8601 timestamp when the rate limit resets
    • Retry-After: Seconds until the client can retry

Error Handling

The API uses standard HTTP status codes and provides detailed error messages:

Common Status Codes

  • 200 - Success
  • 201 - Created
  • 400 - Bad Request / Validation Error
  • 401 - Unauthorized (missing or invalid API key)
  • 403 - Forbidden (insufficient permissions)
  • 404 - Resource Not Found
  • 429 - Rate Limit Exceeded
  • 500 - Internal Server Error

Error Response Formats

V1 Zod Validation (Detailed)

{
  "message": {
    "status": 400,
    "details": {
      "formErrors": [],
      "fieldErrors": {
        "email": ["Invalid email format"]
      }
    },
    "endpoint": "/v1/contacts",
    "method": "POST"
  }
}

Standard Validation

{
  "message": "Invalid request",
  "errors": {
    "email": ["Invalid email"],
    "name": ["Required"]
  }
}

Support

If you need help or have questions, please contact our support team at https://app.iclosed.io/support.