Skip to content

Authentication

Lead import and other public API calls use Bearer token authentication. Each integrator is typically issued one API key.

Email support@dealerstudio.com.au to request a key. Keys can be scoped to specific dealerships and configured with permissions and optional IP allowlisting.

Include the API key on every request:

Authorization: Bearer YOUR_API_KEY

Use HTTPS only. The production base URL is:

https://dashboard.dealerstudio.com.au
ActionMethodPathPermission required (if key is restricted)
Create leadPOST/api/v1/leadscreate:lead
Update leadPUT/api/v1/leads/{id}update:lead

If the key’s permission list is empty, all allowed actions for that key are permitted (still subject to dealership scope on the key).

See the Create Lead and Update Lead reference for request bodies and response codes.

If IP addresses are configured on your API key, requests must originate from one of those addresses. Requests from other IPs are rejected with 401 Unauthorized.

If no IPs are configured, IP allowlisting does not apply.

StatusMeaning
401 UnauthorizedMissing or invalid token, IP not allowlisted, or key lacks permission for the action
403 ForbiddenAuthenticated but not allowed to access the requested dealership or resource