Cloud API Documentation

Reference for integrating with the Cloud API platform. Use the navigation to review authentication, inspect endpoint behavior, and validate request/response patterns before implementation.

Example request

GET

curl -X GET 'https://api.cloudplatform.dev/v1/projects?limit=10' \
  -H 'Authorization: Bearer <API_KEY>' \
  -H 'Accept: application/json'

Go to Overview Start Authentication

Documentation

Cloud API Platform Overview

The Cloud API Platform provides secure, predictable HTTP endpoints for managing resources, triggering workflows, and retrieving operational data. It is designed for fast integration with consistent schemas, stable versioning, and explicit error semantics.

What developers can do

Use the API to create and manage project resources, automate lifecycle tasks, query usage data, and integrate platform events into CI/CD or internal tooling. Endpoints are REST-style, JSON-based, and optimized for machine-readable responses.

Core capabilities

Resource management: Create, update, list, and delete API-managed resources with filterable queries and cursor pagination.
Operational reliability: Deterministic status codes, idempotency support for write operations, and structured error payloads.
Integration readiness: Token-based authentication, versioned endpoints, and webhook-compatible event models.

Base URL

All requests start with the versioned API origin:

https://api.cloudplatform.dev/v1

Use HTTPS only. Version prefixes are mandatory and may introduce non-breaking fields over time.

Response format notes

Response format conventions
Aspect	Convention
Content type	`application/json`
Success envelope	Primary payload under `data`; optional pagination metadata under `meta`.
Error envelope	Structured object with `error.code`, `error.message`, and optional `error.details`.

Getting started flow

1. Generate credentials: create an API key in your workspace and store it securely.
2. Authenticate requests: send the key as a bearer token. See Authentication.
3. Call an endpoint: start with a read endpoint to validate access. Continue in Endpoints.
4. Handle errors and limits: implement retries, backoff, and request tracing. For common issues, review FAQ.

API key authentication

Send your project API key in the x-api-key header for service-level requests. API keys are intended for trusted backend environments and should never be exposed in client-side code.

Security note: Rotate API keys regularly, scope them to the minimum permissions required, and revoke immediately if leaked.

Bearer token usage

For user-context operations, use OAuth access tokens with the Authorization header.

Authorization: Bearer <access_token>

Best practice: Validate token expiry and required scopes before each protected request. Prefer short-lived tokens with refresh flows.

Required headers

Required API authentication headers
Header	Required	Description
x-api-key	Yes (API key flow)	Project secret used for backend service authentication.
Authorization	Yes (Bearer flow)	OAuth access token in format Bearer <token>.
Content-Type	Yes (JSON body)	Set to application/json for JSON payloads.

Environment variable setup

Store credentials in environment variables and load them at runtime from your server process.

# .env
CLOUD_API_BASE_URL=https://api.cloudplatform.dev/v1
CLOUD_API_KEY=cp_live_xxxxxxxxxxxxx
CLOUD_ACCESS_TOKEN=eyJhbGciOi...

Short cURL example

curl -X GET "$CLOUD_API_BASE_URL/projects" \
  -H "x-api-key: $CLOUD_API_KEY" \
  -H "Authorization: Bearer $CLOUD_ACCESS_TOKEN" \
  -H "Content-Type: application/json"

Operational tip: Use separate keys and tokens per environment (dev, staging, production) and restrict production secrets to CI/CD and server runtimes.

API Reference

Endpoints

Core resource operations for projects and usage metrics. Each endpoint includes method badge, description, and minimal request/response examples.

GET

/v1/projects

Returns a paginated list of projects available to the authenticated workspace.

Sample request

curl -X GET "https://api.cloudplatform.dev/v1/projects?page=1&limit=20" \
  -H "Authorization: Bearer <token>"

Sample response

{
  "data": [{ "id": "prj_01", "name": "core-api" }],
  "pagination": { "page": 1, "limit": 20, "total": 1 }
}

POST

/v1/projects

Creates a new project with a unique slug in the current workspace.

Sample request

curl -X POST "https://api.cloudplatform.dev/v1/projects" \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{ "name": "payments-api", "slug": "payments-api" }'

Sample response

{
  "id": "prj_92ab",
  "name": "payments-api",
  "slug": "payments-api",
  "created_at": "2026-03-17T10:22:14Z"
}

GET

/v1/usage

Provides request counts and error-rate metrics for the selected time window.

Sample request

curl -X GET "https://api.cloudplatform.dev/v1/usage?from=2026-03-01&to=2026-03-17" \
  -H "Authorization: Bearer <token>"

Sample response

{
  "from": "2026-03-01",
  "to": "2026-03-17",
  "requests": 184203,
  "error_rate": 0.0021
}

FAQ

Practical answers to common integration questions for teams implementing the Cloud API Platform.

: Requests are rate-limited per API key and endpoint group. When you receive 429 Too Many Requests, apply exponential backoff with jitter and respect the Retry-After header when present. See endpoint-specific limits in Endpoints.
: 401 Unauthorized usually indicates a missing, expired, or malformed token. 403 Forbidden means the token is valid but lacks required scope or environment access. Verify token format, scopes, and clock sync, then review Authentication.
: Versions are explicit and backward-compatible within a major release. Breaking changes are released in a new major version with deprecation windows for prior versions. Pin your client to a specific version, run regression tests in sandbox, and monitor changelog notices before cutover.
: Generate sandbox credentials from your developer workspace, then call sandbox base URLs with test keys only. Sandbox and production environments are fully isolated. Use mock payloads and test entities to validate flows before promoting configurations.
: For production-impacting incidents, open a priority support ticket from your account portal with request IDs and timestamps. For implementation questions, use standard support with reproducible request/response samples. Start with the platform overview in Overview to confirm environment and service boundaries.