Base URL
All endpoints are relative to your Openinary server URL.Authentication
Protected endpoints require an API key passed as a Bearer token./api-keys) or via the API Keys API. In API-only mode, the first key is printed to the server logs on startup.
Some endpoints (API key management) also accept a session cookie, used
internally by the dashboard.
Rate limiting
Public endpoints are rate-limited by IP address.
Rate limit headers are included in every response:
Protected endpoints (API key required) are not subject to public rate limiting.