Skip to main content
All requests to the BundleUp proxy must be explicitly authorized. Authorization is connection-scoped and enforced on every request before it reaches the upstream API.

1. API key (Bearer token)

Used to authenticate the workspace making the request. 
Authorization: Bearer <YOUR_API_KEY>
  • Identifies your workspace
  • Used for billing, rate limiting, and access control
  • Must be kept secret

2. Connection identifier

Used to select which external account the request is executed against. 
BU-Connection-Id: <CONNECTION_ID>
  • Scopes the request to a single connection
  • Determines which OAuth tokens / credentials are used
  • Enforces per-connection rate limits
  • Required for all proxy requests

How authorization works

When a request hits the proxy, BundleUp:
  1. Validates the API key
  2. Verifies the key has access to the specified connection
  3. Loads credentials associated with the connection
  4. Enforces rate limits and retries
  5. Proxies the request to the upstream API
If any step fails, the request is rejected before contacting the upstream. 
curl https://proxy.bundleup.io/conversations.list \
  -H "Authorization: Bearer sk_live_123" \
  -H "BU-Connection-Id: conn_abc123"