Warning: JavaScript is not enabled or not loaded. Please enable JavaScript for the best experience.
CloudAPI logo cloudapi/docs
CloudAPI logo cloudapi/docs
v2.4 · stable | updated Apr 2026

The Cloud API, documented for builders.

A unified REST interface for compute, storage, and edge networking. Designed for predictable responses, transparent errors, and zero-surprise integration.

  • Predictable REST

    Resource-oriented routes, JSON in, JSON out.

  • Token-based auth

    Scoped keys, rotation, and short-lived sessions.

  • Global low-latency edge

    31 regions, <50ms median round-trip.

  • Typed SDKs

    First-class TypeScript, Go, Python, Rust.

Get started Browse endpoints Read FAQ
quickstart.sh 
# 1. Install the SDK
$ npm install @cloudapi/sdk

# 2. Authenticate
$ export CLOUDAPI_KEY="sk_live_***"

# 3. Make your first request
$ curl https://api.cloudapi.dev/v2/regions \
    -H "Authorization: Bearer $CLOUDAPI_KEY"

→ 200 OK (42ms)
Uptime
99.99%
Regions
31
p50 latency
48ms
02 · Authentication Updated Apr 2026

Authentication

All requests to the API are authenticated using Bearer tokens. Tokens are scoped to your project and must be included in the Authorization header of every request.

#

Request headers

Include your API key as a Bearer token. Requests without a valid token return 401 Unauthorized.

curl · request.sh 
# Send a request with your Bearer token
curl https://api.example.com/v1/resources \
  -H "Authorization: Bearer sk_live_xxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -H "X-Api-Version: 2026-04-01"
#

Setting up authentication

  1. 01

    Create an API key

    From your dashboard, navigate to Settings → API Keys and click Generate new key. Choose a scope appropriate to the integration.

  2. 02

    Store the key securely

    Save the token in an environment variable or secret manager. The full key is shown only once at creation time.

  3. 03

    Send your first request

    Use the header pattern above. A successful call returns 200 OK with a JSON payload.

  4. 04

    Rotate keys regularly

    Rotate production keys at least every 90 days, or immediately if a leak is suspected. Old keys can be revoked from the dashboard.

#

Token types

sk_live_… Live

Production secret keys. Full read/write access. Never expose client-side.

sk_test_… Test

Sandbox keys for development and CI. No real resources are mutated.

#

Security best practices

  • Always send tokens over HTTPS — requests over plain HTTP are rejected.
  • Restrict keys by IP address and scope to the minimum required permissions.
  • Never commit keys to source control. Use .env files, vaults, or platform secrets.
  • Monitor usage logs and enable alerts for anomalous request patterns.
03 — Reference

Endpoints

A representative subset of the REST API. All endpoints are versioned under /v1 and accept JSON request bodies. Authenticated requests must include a bearer token — see Authentication.

Projects

/v1/projects

Manage projects — the top-level container for environments, deployments, and API keys.

  • GET /v1/projects List all projects
  • POST /v1/projects Create a new project
  • GET /v1/projects/{id} Retrieve a project
  • PATCH /v1/projects/{id} Update project metadata
  • DELETE /v1/projects/{id} Permanently delete a project
Request cURL 
curl https://api.example.dev/v1/projects \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "acme-prod",
    "region": "us-east-1"
  }'
Response 201 Created 
{
  "id": "proj_8f3a2b",
  "name": "acme-prod",
  "region": "us-east-1",
  "created_at": "2026-04-28T14:02:11Z",
  "status": "active"
}

Deployments

/v1/deployments

Trigger, inspect, and roll back deployments tied to a project.

  • GET /v1/deployments List deployments (supports filtering)
  • POST /v1/deployments Create a deployment from a commit
  • POST /v1/deployments/{id}/rollback Roll back to previous release
Request GET · paginated 
GET /v1/deployments
  ?project_id=proj_8f3a2b
  &status=succeeded
  &limit=20
  &cursor=eyJpZCI6...
Response 200 OK 
{
  "data": [
    {
      "id": "dep_19af",
      "project_id": "proj_8f3a2b",
      "status": "succeeded",
      "commit": "a1b2c3d"
    }
  ],
  "next_cursor": "eyJpZCI6...",
  "has_more": true
}

Logs

/v1/logs

Stream and query structured logs from running services.

  • GET /v1/logs Query logs by time range and level
  • GET /v1/logs/stream Server-sent events live tail

Conventions

status · pagination · filtering

Status codes

  • 2xxSuccess — resource returned or action accepted.
  • 4xxClient error — invalid input or auth failure.
  • 5xxServer error — retry with exponential backoff.

Pagination

Cursor-based. Pass cursor and limit (max 100). Responses include next_cursor and has_more.

Filtering

Use query params on list endpoints, e.g. ?status=succeeded or ?created_after=2026-04-01.

/ faq

Frequently asked questions

Common questions from developers integrating the API. If you can't find what you're looking for, reach out to our support team.

01

What are the API rate limits?

Default plans are limited to 1,000 requests/minute per API key. Enterprise plans scale to 10,000 req/min with burst capacity.

Each response includes X-RateLimit-Remaining and X-RateLimit-Reset headers so you can throttle gracefully.

02

Why am I getting a 401 Unauthorized error?

A 401 usually means an invalid, expired, or missing bearer token. Verify the Authorization: Bearer <token> header is present and the token belongs to the correct environment (live vs sandbox keys are not interchangeable).

03

How does API versioning work?

Versions are pinned via the URL path (e.g. /v1/) and a stable version is supported for at least 18 months after a new major release. Breaking changes are never introduced into a published version — additive changes only.

04

Can I test against a sandbox environment?

Yes. Every account includes an isolated sandbox at https://sandbox.api.example.com with seeded test data, simulated webhooks, and no rate limits during development. Sandbox keys are prefixed sk_test_.

05

How are failed webhooks retried?

If your endpoint does not return a 2xx within 10 seconds, the delivery is retried with exponential backoff for up to 72 hours (1m, 5m, 30m, 2h, 6h, 12h…). All attempts are visible in the dashboard, and you can manually replay any event.

06

What support and response times can I expect?

Community and email support are included on all plans with a typical response within 1 business day. Pro and Enterprise plans include priority support with a 4-hour SLA and a dedicated Slack channel.

Still have questions?

Our engineering team is happy to help with integration details.

Contact support