Authenticating requests
How to authenticate requests to the Scalix Cloud API
Bearer Token
Include your API key in the Authorization header:
bash
curl -H "Authorization: Bearer scalix_sk_your_key_here" \
https://api.scalix.world/v1/functionsToken Types
| Prefix | Type | Use Case |
|---|---|---|
scalix_sk_ | API Key | Server-side SDK and CLI |
scalix_sa_ | Service Account | Server-to-server |
scalix_at_ | Access Token | End-user sessions (1h default) |
scalix_pat_ | Personal Access | Developer tools |
Project Context
API keys belong to the organization. A key scoped to a single project carries its project context automatically; an org-wide key targets a project per-request with the X-Scalix-Project header:
bash
curl -H "Authorization: Bearer $SCALIX_API_KEY" \
-H "X-Scalix-Project: proj_abc123" \
https://api.scalix.world/v1/functionsScopes
API keys carry scope restrictions. A request fails with FORBIDDEN (403) if the key lacks the required scope.
See Authentication for the full scope list.
Rate Limiting
When rate limited, the API returns 429 with these headers:
plaintext
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1716230400Wait until X-RateLimit-Reset (Unix timestamp) before retrying.