Getting started
Authentication
One bearer key per integration. The key carries the scope; there are no separate tenant headers to pass.
Scopes
Each key is granted one or more of:
jobs:read— list jobs and use lookup endpoints.jobs:write— create / update / cancel jobs.sites:write— create and update sites.
Calling an endpoint outside your scope returns 401 unauthorized — the same response you’d get for a missing key — so probing scopes from the outside isn’t useful.
Rotation
Replacement keys can be issued with both old and new keys valid for an overlap window, so you can deploy the new key without an outage.
Rate limits
See Rate limits for the actual budgets, what counts against them, and how to use the API efficiently.
X-Request-Id
Every response carries an X-Request-Id header — an opaque token that uniquely identifies the request inside the gateway. Example:
X-Request-Id: req_01HX9CK3T6JZ2N8H6K7G5W2BFA
It’s most useful as a correlation key in your own logs — pair it with whatever request ID your client side already generates so a single line in either system can pivot to the other. The same value appears as instance in error responses (RFC 7807).
If you want to set your own, send X-Request-Id on the request and it will be echoed back. Otherwise the gateway generates one.