> ## Documentation Index
> Fetch the complete documentation index at: https://docs.yo-lead.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Quickstart

> Make your first signed YoLead Public API request.

1. Create an integration key in the YoLead UI.
2. Store the API secret on your backend.
3. Sign each `/v1/*` request with HMAC-SHA256.
4. Call `GET https://api.yo-lead.com/v1/employees`.
5. Use the REST API reference for endpoint-specific request and response shapes.

<Warning>
  Run signing code on your backend. The API secret must never be sent to browser code.
</Warning>

```http theme={null}
GET /v1/employees HTTP/1.1
Host: api.yo-lead.com
X-YoLead-Key: <publicKey>
X-YoLead-Timestamp: <unix_ms_timestamp>
X-YoLead-Signature: <hex_hmac_sha256>
```

<CodeGroup>
  ```ts Node.js theme={null}
  import { createHmac } from "node:crypto";

  const publicKey = process.env.YOLEAD_PUBLIC_KEY!;
  const apiSecret = process.env.YOLEAD_SECRET!;
  const timestamp = Date.now().toString();
  const rawBody = "";
  const signature = createHmac("sha256", apiSecret)
    .update(`${timestamp}.`)
    .update(rawBody)
    .digest("hex");

  const response = await fetch("https://api.yo-lead.com/v1/employees", {
    method: "GET",
    headers: {
      "X-YoLead-Key": publicKey,
      "X-YoLead-Timestamp": timestamp,
      "X-YoLead-Signature": signature,
    },
  });

  console.log(await response.json());
  ```

  ```php PHP theme={null}
  <?php

  $publicKey = getenv('YOLEAD_PUBLIC_KEY');
  $apiSecret = getenv('YOLEAD_SECRET');
  $timestamp = (string) round(microtime(true) * 1000);
  $rawBody = '';
  $signature = hash_hmac('sha256', $timestamp . '.' . $rawBody, $apiSecret);

  $ch = curl_init('https://api.yo-lead.com/v1/employees');

  curl_setopt_array($ch, [
      CURLOPT_RETURNTRANSFER => true,
      CURLOPT_HTTPHEADER => [
          'X-YoLead-Key: ' . $publicKey,
          'X-YoLead-Timestamp: ' . $timestamp,
          'X-YoLead-Signature: ' . $signature,
      ],
  ]);

  $body = curl_exec($ch);
  $status = curl_getinfo($ch, CURLINFO_RESPONSE_CODE);

  if ($body === false) {
      throw new RuntimeException(curl_error($ch));
  }

  curl_close($ch);

  echo $status . PHP_EOL;
  echo $body . PHP_EOL;
  ```
</CodeGroup>
