Reporting API

Authentication

Bearer token authorization with your API key.

Every request is authorized with an API key. Send it as a Bearer token in the Authorization header:

Authorization: Bearer <API_KEY>

Example:

curl -s 'https://reporting.magfiads.com/v1/report?from=2026-06-01T00:00:00Z&to=2026-06-07T23:59:59Z&metrics=views' \
  -H 'Authorization: Bearer <API_KEY>'

IP whitelist

An API key alone is not enough. Each key is restricted to an IP whitelist — requests are only accepted from pre-registered IP addresses. A request from an IP not on the list is rejected even if the key is valid.

So call the API from a server with a static (fixed) egress IP. If your egress IP changes, access breaks — you'll need to have the new IP added to the whitelist (Contact).

Rules

  • Each key is bound to one advertiser — you only see data for campaigns/ads you own.
  • Keep the key server-side. Never embed it in a browser/mobile app; the key exposes your entire account's data to anyone who can read it.
  • If a key leaks, request a rotation (Contact).

Requesting access (API key & IP whitelist)

For API key creation, key rotation, or adding/removing addresses on the IP whitelist, contact us:

[email protected]

Include in your request:

  • Your advertiser / account name
  • Request type: new key · rotation · add/remove IP
  • For the IP whitelist: the static egress IP address(es) to allow

Errors

StatusMeaning
401 UnauthorizedKey missing, invalid or expired
403 ForbiddenKey valid but no access — outside the IP whitelist or another resource

See → Errors.

Overview

Reporting API — a single, unified reporting endpoint for advertiser statistics.

Getting started

Make your first report request — base URL, authentication and the first call.

On this page

IP whitelistRulesRequesting access (API key & IP whitelist)Errors