Skip to main content
All API requests must include a valid API key in the Authorization header as a Bearer token.

Bearer token

Include your API key in the Authorization header with every request: 
curl https://api.userplane.com/api/v1/public/me \
  -H "Authorization: Bearer uspl_your_api_key"

API key format

All Userplane API keys use the uspl_ prefix. Keys are bound to the user who created them and carry the same permissions as that user across all their workspaces.
API keys carry the same permissions as the user who created them. Never expose keys in client-side code, public repositories, or browser requests.

User-scoped vs workspace-scoped endpoints

The API has two types of endpoints based on how authorization is handled:
TypePath patternAuthorization
User-scoped/public/me, /public/workspacesVerifies API key validity only
Workspace-scoped/public/workspace/{workspaceId}/*Verifies API key validity and workspace membership
Workspace-scoped endpoints return a 403 NOT_A_MEMBER error if the authenticated user is not an active member of the specified workspace.

Getting an API key

You can create API keys from the Developers section of your account settings, or programmatically via the API Key Management endpoints. See API Keys for details on creating, rotating, and managing your keys.

API Keys

Create, rotate, and manage your API keys

Quickstart

Make your first authenticated API call

Error Handling

Authentication error codes and troubleshooting

Rate Limits

Per-user rate limits across all API keys