MentionFox

Developer Authentication

This page describes how authentication works today for the two programmatic surfaces in the MentionFox world: the MentionFox browser extension, and the separate FoxAPIs developer API at foxapis.com. Both use a simple, long-lived API key model. There is no OAuth flow today — you generate a key, you send it with each request, and you keep it secret.

The MentionFox browser extension

The extension talks to MentionFox using a personal extension key tied to your account. You generate the key once and paste it into the extension's options; from then on the extension sends it on every call so MentionFox knows the request is yours.

If you ever reload the extension and calls start failing, re-paste your key in the options screen — that field is the live credential the extension uses to authenticate.

The FoxAPIs developer API

FoxAPIs (at foxapis.com) is the standalone developer API product. It is a separate service with its own account, its own keys, and its own credits — a FoxAPIs key is not the same as your MentionFox extension key, and the two balances are independent.

curl -X POST https://api.foxapis.com/v1/<endpoint> \
  -H "Authorization: Bearer YOUR_FOXAPIS_KEY" \
  -H "Content-Type: application/json" \
  -d '{ "query": "example" }'

Every authenticated FoxAPIs request validates the bearer token and is metered against your FoxAPIs credit balance. The live API explorer at foxapis.com/demo lets you try endpoints without a key first; once you have a key, paste it in to run against your own account.

Keeping keys safe

No OAuth, no client-secret exchange — just a single API key per surface, sent on every request. If a method isn't documented here, it isn't supported yet.
Back to Developer docs →