Authentication

All requests to the Crucible API must include a valid API key passed via the Authorization header.

Authorization: Bearer YOUR_API_KEY

Key types

Crucible supports two key types:

Standard keys are suitable for most integrations. They carry full API access within the rate limits of your plan.

Restricted keys allow you to scope permissions to specific endpoints or models. Use restricted keys for third-party integrations, client-facing applications, or any context where you want to limit exposure.

Key rotation

We recommend rotating your API keys every 90 days. You can create, revoke, and manage keys from the Settings → API Keys panel in your dashboard at any time. Revoking a key takes effect immediately.

Security best practices

Never include your API key directly in client-side code. Always use environment variables or a secrets manager. For server-side applications, set CRUCIBLE_API_KEY as an environment variable and reference it at runtime.

Buy Template

Create a free website with Framer, the website builder loved by startups, designers and agencies.