Authentication
Authenticate requests to the redu.cloud API using an API key.
Generate an API key
Log in to the Console:
https://console.redu.cloudOpen API Keys:
https://console.redu.cloud/category/user/api-keysGenerate a key and copy it immediately.
API keys are only shown once after creation.
Base URL
https://api.redu.cloud/v1Authentication header
Include your API key in the x-api-key header:
x-api-key: YOUR_API_KEYExample: get current user
cURL
curl https://api.redu.cloud/v1/me \
-H "x-api-key: YOUR_API_KEY"Successful response
{
"id": "usr_01HZX8YF2",
"username": "joe",
"email": "joe@example.com",
"roles": ["user"]
}Scopes
An API key can be limited to specific actions. A key with no scopes set has full access; a scoped key is restricted to the resource:action capabilities you grant it. See Scopes and Permissions for the grammar and least-privilege examples.
Common errors
Two distinct cases:
- 401 means the key is missing, malformed, expired, or invalid. Fix the credential.
- 403 means a valid key without permission for the request. Either the key lacks the required scope (
insufficient_scope), or the route is protected and no key was sent.
{
"error": {
"code": "unauthorized",
"message": "Invalid API key"
}
}A scope failure is specific about what was missing:
{
"error": {
"code": "insufficient_scope",
"message": "This API key lacks the 'instance:delete' scope required for this request.",
"required_scope": "instance:delete",
"granted_scopes": ["instance:read"]
}
}Compatibility note: most errors follow the
{ "error": { "code", "message" } }shape above, but some endpoints currently return a plain string body,{ "error": "message" }. If you parse errors programmatically, handle both shapes until the envelope is unified.