Getting started

Authentication

The Coastline API uses bearer token authentication. Pass your API key in theAuthorizationheader on every request.

Creating a key

1. Sign in as a workspace admin.
2. Go to Settings → API Keys.
3. Click Create API key, name it, and copy the token.

The full key is shown only once at creation time. Coastline stores a SHA-256 hash; we cannot recover the plaintext. If you lose a key, revoke it and create a new one.

Scope & permissions

Each key is scoped to the single workspace it was created in. Requests can only read and write data inside that workspace, cross-workspace access is impossible. Keys inherit full admin privileges, so only admins can create them.

Revocation

Revoke a key from Settings at any time. Revocation is immediate, subsequent requests will return 401 unauthorized.