Authentication

API key (`X-API-Key`)

All /v1/* routes expect an API key in the X-API-Key header.

curl https://api.scrift.app/v1/catalog/stripe \
  -H "X-API-Key: YOUR_API_KEY"

How to get a key

Register at scrift.app. Your key is shown once in the dashboard after registration or regeneration. If you lose it, generate a new key from the dashboard.

Rate limits

Daily quotas depend on your plan. See Rate limits for tiers and HTTP 429 behavior.

JWT (account endpoints)

User account routes under /auth/* may require a bearer token where the OpenAPI operation says so, for example:

Authorization: Bearer <access_token>

If you only call /v1/* with an API key, you do not need JWT.

Errors

Missing or invalid keys receive 401 with error code invalid_api_key.

{
  "error": "invalid_api_key",
  "message": "API key required. Pass X-API-Key header."
}

API key (X-API-Key)​

How to get a key​

Rate limits​

JWT (account endpoints)​

Errors​

API key (`X-API-Key`)

How to get a key

Rate limits

JWT (account endpoints)

Errors