Skip to main content
Every request to tenant-scoped endpoints must be authenticated. The API supports two independent methods on the same endpoints.

API key

Pass your key in the X-API-Key header:
curl https://api.getdialed.ai/flows/definitions \
  -H "X-API-Key: $GETDIALED_API_KEY"
Keys are issued per organization. Only active accounts are accepted.

Bearer token (Clerk JWT)

If your organization uses Clerk-based sign-in, pass the organization JWT instead:
curl https://api.getdialed.ai/flows/definitions \
  -H "Authorization: Bearer $CLERK_JWT"
The token must be an RS256-signed Clerk organization token. The organization in the token determines your tenant scope, exactly as an API key would. Mutating endpoints (create, update, delete, trigger) additionally require an admin role in the organization.
If both headers are present on one request, the API key takes precedence. Use one method or the other.

Public endpoints

Catalog (/catalog/*) and template (/templates/*) endpoints are public and require no authentication.

Errors

StatusMeaning
401Missing or invalid credentials
403Authenticated, but not permitted (e.g. non-admin JWT on a mutating endpoint)