API Authentication

How to authenticate with the ATStatus REST API.

Overview

The ATStatus API uses API keys for authentication. All requests must include a valid API key.

Getting an API Key

Go to Admin → API Keys
Click Create API Key
Name your key
Select required scopes
Copy the generated key

Using the API Key

Include the key in the Authorization header:

Authorization: Bearer YOUR_API_KEY

cURL Example

curl -X GET "https://status.example.com/api/v1/statuspages" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"

JavaScript Example

const response = await fetch('https://status.example.com/api/v1/statuspages', {
  headers: {
    'Authorization': 'Bearer YOUR_API_KEY',
    'Content-Type': 'application/json'
  }
});

const data = await response.json();

Python Example

import requests

response = requests.get(
    'https://status.example.com/api/v1/statuspages',
    headers={
        'Authorization': 'Bearer YOUR_API_KEY',
        'Content-Type': 'application/json'
    }
)

data = response.json()

Authentication Errors

Code	Description
`401`	Missing or invalid API key
`403`	API key lacks required scope

API Scopes

API keys can be limited to specific operations:

read:* - Read operations
write:* - Write operations

Security Best Practices

Never expose API keys in client-side code
Use environment variables
Rotate keys periodically
Use minimal required scopes