Authentication
The RespawnHost API uses Bearer token authentication. Generate API keys from your account dashboard with specific scopes for granular access control.
Making Authenticated Requests
Include your API key in the Authorization header:
curl -X GET "https://api.respawnhost.com/api/servers" \
-H "Authorization: Bearer YOUR_API_KEY"
Required Headers
| Header | Value | Required |
|---|---|---|
| Authorization | Bearer YOUR_API_KEY |
Yes |
| Content-Type | application/json |
For POST/PUT/PATCH |
API Key Scopes
When creating an API key, select only the scopes you need:
| Scope | Description |
|---|---|
server.read |
View server details and status |
server.write |
Modify server settings, aliases, startup variables |
server.delete |
Delete servers |
server.files |
Read, write, and manage server files |
server.backup |
Create, restore, and delete backups |
server.database |
Manage server databases |
server.share |
Share servers with other users |
payment.read |
View payment history and download invoices |
transaction.read |
View transaction details |
Error Responses
| Status | Description |
|---|---|
| 401 | Missing or invalid API key |
| 403 | API key lacks required scope |
| 404 | Resource not found |
Security Best Practices
- Never commit API keys to version control
- Use environment variables to store keys
- Create separate keys for different applications
- Use the minimum required scopes
- Rotate keys periodically