Authentication

The Caged API uses API keys for authentication. All authenticated requests must include a Bearer token in the Authorization header.

Getting an API Key

Sign up at caged.dev/signup
Go to Dashboard → Settings → API Keys
Click Create API Key
Copy the key — it’s only shown once

API keys start with caged_sk_ and look like:

caged_sk_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6

Using Your API Key

Include it as a Bearer token:

curl -H "Authorization: Bearer caged_sk_..." \
  https://api.caged.dev/v1/sandboxes

string

required

Account email address.

password

string

required

Account password (min 8 characters).

name

string

Display name.

curl -X POST https://api.caged.dev/signup \
  -H "Content-Type: application/json" \
  -d '{"email": "[email protected]", "password": "securepass", "name": "Dev"}'

Returns a session token for dashboard access.

curl -X POST https://api.caged.dev/login \
  -H "Content-Type: application/json" \
  -d '{"email": "[email protected]", "password": "securepass"}'

Key Scopes

Scope	Access
`full`	All API operations
`sandbox`	Create, manage, destroy sandboxes only
`read`	Read-only access to sandboxes and sessions

Security Best Practices

Never commit API keys to source control. Use environment variables or a secrets manager.

Rotate keys regularly
Use the narrowest scope possible
Set key expiration dates
Monitor key usage in the dashboard

API Overview Sandboxes

⌘I

​Authentication

​Getting an API Key

​Using Your API Key

​Signup

​Login

​Key Scopes

​Security Best Practices

Authentication

Getting an API Key

Using Your API Key

Signup

Login

Key Scopes

Security Best Practices