The Griffin Developer Hub

Welcome to the Griffin developer hub. You'll find comprehensive guides and documentation to help you start working with us as quickly as possible, as well as support if you get stuck. Let's jump right in!

Standard Headers

We have three standard headers that we expect, detailed below. To summarise, we expect all API users to send these on every request, where $API_KEY is replaced by your API key:

Authorization: GriffinAPIKey $API_KEY
Content-Type: application/json
Accept: application/json


All API requests require the Authorization header. The value of the header is always GriffinAPIKey plus your API key. You don't need to encode the API key in any way; just send it as plain text.

We do not support Basic as an authorization method in our API.


The API key is shown once and only once after creation in the Griffin
application. If you've forgotten your API key, you need to log in, delete it,
and create a new one.


The Accept header determines what format you receive the response in. All API requests should specify application/json for our JSON representation.



Long-running reports typically return either a CSV file or a ZIP
file containing multiple CSVs. This is to both keep file sizes down, and to
facillitate importing in to a spreadsheet or another tool for further
processing. This is clearly marked in the documentation.


The Content-Type header has the same rules as the Accept header. You may supply a HTTP request body in either application/json (recommended) or application/edn format.

Note that we treat Accept and Content-Type separately, therefore both should be supplied as application/json to ensure requests are processed as JSON and that responses are returned as JSON.

Updated about a month ago

Standard Headers

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.