Authentication
All API calls (except /healthz and /openapi.json) require a Bearer token in the Authorization header.
Generating a key
Generate and manage your API keys in the Feather dashboard under Settings → API Keys. Go here to get your API key. Each key carries scopes that control which actions it can perform.
Treat keys like passwords. Never commit a key to source control. If a key leaks, rotate it from the dashboard — old keys are revoked immediately and requests using them fail with
401 invalid_api_key.Making an authenticated request
Send the key as a Bearer token. The example below creates a blog — the only action currently available.
curl https://api.feather.so/v1/blog/create \ -X POST \ -H "Authorization: Bearer fk_live_your_api_key" \ -H "Content-Type: application/json" \ -d '{ "blog_name": "My Blog" }'
Key format
All keys are prefixed with fk_live_. You'll copy the full key from the dashboard — there's nothing to construct manually.
Scopes
Every key carries one or more scopes that control which actions it can perform. When you create a key in the dashboard, select the scopes it needs. Requests that require a scope your key doesn't have return 403 insufficient_scope.