Authentication
How to authenticate with the Encelade API using API tokens.
All API requests require an API token passed via the x-api-key header.
Creating a token
Go to your workspace settings
Navigate to the API tokens section
Click Create Token and select the scopes your integration needs
Copy the token immediately
Your token is only displayed once. Store it securely — you cannot retrieve it later.
Using the token
Include the token in every request:
curl -X GET https://your-instance.com/api/public/v1/projects \
-H "x-api-key: YOUR_API_TOKEN"const res = await fetch("https://your-instance.com/api/public/v1/projects", {
headers: { "x-api-key": "YOUR_API_TOKEN" },
});import requests
res = requests.get(
"https://your-instance.com/api/public/v1/projects",
headers={"x-api-key": "YOUR_API_TOKEN"},
)Scopes
Tokens are scoped to limit access. Available scopes:
| Scope | Description |
|---|---|
project:read | List and view projects |
project:write | Create and update projects |
project:delete | Delete projects |
project:plan | Generate project outlines |
project:generate | Generate project content |
session:read | View generation session status |
session:write | Cancel generation sessions |
webhook:read | List webhooks |
webhook:write | Create and delete webhooks |
A token with no scopes selected has full access to all endpoints.
Rate limiting
API requests are rate-limited per tenant. When you exceed the limit, requests return 429 Too Many Requests. Back off and retry after a short delay.
Errors
All error responses follow a consistent format:
{
"error": "Description of what went wrong"
}Common status codes:
| Code | Meaning |
|---|---|
401 | Invalid or missing API token |
403 | Token lacks required scope |
429 | Rate limit exceeded |
The API playground on the reference pages sends real requests. Use a test or development token when trying endpoints interactively.