Skip to content
StatusOwlDocs

API authentication

Authenticate requests to the StatusOwl REST API using API keys.

Last updated March 20, 2025

The StatusOwl REST API uses bearer token authentication. All requests must include a valid API key in the Authorization header.

API keys

Generate a key under Settings → API Keys. Keys are shown once at creation — store them securely. You can create multiple keys per organization (e.g. one per service) and revoke individual keys without disrupting others.

Keep your key secret

Never commit API keys to version control. Use environment variables or a secrets manager.

Making authenticated requests

bash
curl https://api.statusowl.net/v1/monitors \
  -H "Authorization: Bearer sk_live_xxxxxxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json"

All API responses use the following envelope:

json
// Success
{ "data": { ... } }

// Error
{ "error": "Descriptive error message" }

Authentication errors

  • 401 Unauthorized — Missing or malformed Authorization header.
  • 403 Forbidden — Valid key but insufficient permissions for the requested resource.

Scopes & permissions

API keys inherit the permissions of the organization role of the user who created them. An Admin key can create and delete monitors; a Member key is read-only.