"success": true and a "data" property containing the endpoint-specific payload.
For most error status codes, the body is { "success": false, "error": { "message": "..." } }. HTTP 401 is an exception: missing or invalid credentials return { "message": "Unauthorized" } from the API gateway.
Base URL
All API requests are made to:Authentication
The API uses API key authentication. Include your key in theAuthorization header as a Bearer token with every request.
Creating an API key
Open settings
Navigate to Settings > API keys in your Cloud Capital dashboard.
Generate a key
Click Create API key, give it a descriptive name, and select the appropriate permissions.
Rate limits
API requests are rate-limited to protect service availability. When you exceed the limit, the API returns a429 status code.
| Header | Description |
|---|---|
X-RateLimit-Limit | Maximum requests per minute |
X-RateLimit-Remaining | Remaining requests in the current window |
Retry-After | Seconds to wait before retrying |
Error handling
The API returns standard HTTP status codes. Application errors (for example validation failures) use the envelope below.| Status code | Description |
|---|---|
200 | Success (success: true and data payload) |
400 | Invalid request parameters or body |
401 | Missing or invalid API key |
429 | Rate limit exceeded |
500 | Server or upstream error (some operations may use this when a resource is missing or expired) |

