Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.questra.ai/llms.txt

Use this file to discover all available pages before exploring further.

All requests to the Questra API must be authenticated with a Bearer token. This guide walks you through creating an API key and using it in your requests.

Create an API key

1. Open the dashboard

Sign in to app.questra.ai and navigate to your surveys.
Questra dashboard showing the surveys list

2. Open the user menu

Click your name in the bottom-left corner of the sidebar to open the account menu.
User menu with API Keys option

3. Go to API Keys

Click API Keys in the menu. This takes you to the API key management page.
API Keys page showing no keys yet

4. Create a new key

Click Create API Key in the top-right corner.
Create New API Key modal

5. Name your key and set an expiration

Give your key a descriptive name (for example, Production API Key) so you can identify it later. Optionally set an expiration date — keys without an expiration date never expire.
Create API Key form filled in with name and expiration date
Click Create.

6. Copy your key

Your API key is shown exactly once. Copy it now — you won’t be able to see it again.
API Key Created modal showing the new key
Store your API key securely. Treat it like a password — do not commit it to source control or share it publicly.
After clicking Done, the key appears in your API keys list with its name, creation date, expiration, and last-used status.
API Keys page showing the newly created Production API Key

Find your organization ID

Every API request must include your organization ID in the X-Org-Id header. To find it:
  1. Sign in to app.questra.ai
  2. Navigate to Settings
  3. Copy your Organization ID

Use your key in requests

Pass your API key as a Bearer token in the Authorization header and your organization ID in the X-Org-Id header of every request. 
curl https://api.questra.ai/surveys \
  -H "Authorization: Bearer <your_api_key>" \
  -H "X-Org-Id: <your_org_id>"

Manage your keys

From the API Keys page you can:
  • Revoke a key — click the bell-slash icon to disable a key without deleting it
  • Delete a key — click the trash icon to permanently remove a key
Requests made with a revoked or deleted key will return a 401 Unauthorized response.

Environment variables

Avoid hardcoding your API key and organization ID in code. Use environment variables instead: 
export QUESTRA_API_KEY=ak_...
export QUESTRA_ORG_ID=org_...
Then reference them in your application: 
const apiKey = process.env.QUESTRA_API_KEY;
const orgId = process.env.QUESTRA_ORG_ID;