Every request to tenant-scoped endpoints must be authenticated. The API supports two independent methods on the same endpoints.
API key
Pass your key in the X-API-Key header:
curl https://api.getdialed.ai/flows/definitions \
-H "X-API-Key: $GETDIALED_API_KEY"
Keys are issued per organization. Only active accounts are accepted.
Bearer token (Clerk JWT)
If your organization uses Clerk-based sign-in, pass the organization JWT instead:
curl https://api.getdialed.ai/flows/definitions \
-H "Authorization: Bearer $CLERK_JWT"
The token must be an RS256-signed Clerk organization token. The organization in the token determines your tenant scope, exactly as an API key would. Mutating endpoints (create, update, delete, trigger) additionally require an admin role in the organization.
If both headers are present on one request, the API key takes precedence. Use one method or the other.
Public endpoints
Catalog (/catalog/*) and template (/templates/*) endpoints are public and require no authentication.
Errors
| Status | Meaning |
|---|
401 | Missing or invalid credentials |
403 | Authenticated, but not permitted (e.g. non-admin JWT on a mutating endpoint) |