Cloud API Platform Documentation

Reliable, fast, and easy-to-integrate API solutions.

Quick navigation for API docs

Jump directly to core topics without distractions. The sidebar provides fast access to authentication, endpoint details, and common questions so you can integrate the API quickly and confidently.

Each section is anchored for instant access and is designed for clear, high-contrast scanning in technical environments.

Overview

Cloud API platform built for reliability, speed, and straightforward integration

Our platform provides consistent uptime, low-latency responses, and predictable behavior across regions. Documentation is structured for fast adoption and long-term maintainability.

Reliability at scale

Built with multi-region redundancy, clear status reporting, and versioned contracts to keep integrations stable through upgrades.

Low-latency performance

Optimized routing and efficient payloads deliver fast responses for real-time and batch workloads.

Easy integration

Consistent authentication, clear error models, and concise examples help teams integrate quickly with minimal overhead.

Developer-first documentation

Structured sections and anchor navigation make it simple to find endpoints, request formats, and usage guidance.

Authentication

API keys and request signing

Use API keys for server-to-server access. Requests must include a key identifier and signature. Keys are scoped to your workspace and can be rotated without downtime.

1) Obtain API keys

Generate a key in the dashboard under Workspace → API Keys. Store the secret once; it is shown only at creation time.

Example: curl REST

curl -X POST "https://api.cloudplatform.io/v1/tokens" \
  -H "x-api-key: ${API_KEY}" \
  -H "x-api-signature: ${SIGNATURE}" \
  -H "x-api-timestamp: ${UNIX_TS}"

2) Authentication flow

Compute a signature using HMAC-SHA256 over timestamp + method + path + body.
Send x-api-key, x-api-signature, and x-api-timestamp headers.
Server validates timestamp (±5 minutes) and signature, then returns a token.
Use the token in Authorization: Bearer <token> for subsequent requests.

Example: Node.js HMAC signature

import crypto from "crypto";

const timestamp = Math.floor(Date.now() / 1000);
const method = "POST";
const path = "/v1/tokens";
const body = "";

const payload = `${timestamp}${method}${path}${body}`;
const signature = crypto
  .createHmac("sha256", process.env.API_SECRET)
  .update(payload)
  .digest("hex");

Security best practices

Store secrets in a server-side vault or secret manager; never expose in client apps.
Rotate keys regularly and revoke unused keys immediately.
Use per-environment keys (dev, staging, prod) to limit blast radius.
Validate server time sync to avoid signature drift (NTP recommended).
Log request IDs only; never log raw secrets or signatures.

Common errors

401 InvalidSignature: Signature does not match server calculation. Verify payload ordering and hex encoding.
401 TimestampSkew: Timestamp outside the allowed window. Sync system clock and retry.
403 KeyRevoked: API key has been rotated or disabled. Create a new key and update secrets.

Endpoints

Core API endpoints

Reference the primary endpoints for authentication, resources, and telemetry. Each entry includes the HTTP method, required headers, and a minimal payload example.

POST /v1/auth/token

Method: POST

Headers: Content-Type: application/json

Exchanges client credentials for a short-lived access token. Tokens expire after 3600 seconds.

{ "client_id": "YOUR_CLIENT_ID", "client_secret": "YOUR_CLIENT_SECRET" }

Returns access_token and expires_in.

GET /v1/projects

Method: GET

Headers: Authorization: Bearer <token>

Lists projects available to the authenticated account. Supports pagination via page and page_size query parameters.

{ "page": 1, "page_size": 20 }

Returns an array of project objects with id and name.

POST /v1/projects

Method: POST

Headers: Authorization: Bearer <token>

Creates a new project namespace. Project names are unique per account.

{ "name": "payments-service", "region": "us-east-1" }

Returns the created project with an auto-generated id.

GET /v1/metrics

Method: GET

Headers: Authorization: Bearer <token>

Retrieves recent API usage metrics for the last 24 hours. Use from and to for custom time ranges.

{ "from": "2026-03-05T00:00:00Z", "to": "2026-03-06T00:00:00Z" }

Returns a time series array with timestamp and requests.

FAQ

Quick answers to common implementation questions. If you need more help, contact support.

What are the API rate limits?: Standard plans allow 600 requests per minute per API key. Enterprise limits are configurable. Rate limit headers are returned on every response.
How should I handle errors?: Errors use consistent JSON with an error.code and error.message. Use HTTP status codes for branching and retry on 429 and 5xx with exponential backoff.
Which support channels are available?: Email support is available for all plans, with priority response for Enterprise. See contact details in the footer.
How is API versioning handled?: Versions are in the base path (e.g., /v1). Breaking changes ship in new versions; minor updates are backward compatible within a version.