Authentication
Send your secret key as a bearer token on every request:
Authorization: Bearer brd_sk_live_...Scopes
Section titled “Scopes”Each key is scoped along two axes:
- Access — read, or read-write.
- Reach — a whole workspace, or a single project.
A request that exceeds the key’s scope is rejected with 403 permission_error (insufficient_scope). A project-scoped key only ever sees its own project.
Key safety
Section titled “Key safety”Errors
Section titled “Errors”| HTTP | type | code | Meaning |
|---|---|---|---|
| 401 | authentication_error |
unauthorized, expired |
Missing, invalid, revoked or expired key. |
| 403 | permission_error |
insufficient_scope |
The key lacks the required access, or the resource is outside its scope. |
See Errors for the full catalog.