Skip to main content

Base URL

All endpoints are relative to your Openinary server URL.

Authentication

Protected endpoints require an API key passed as a Bearer token.
Generate API keys from the dashboard (/api-keys) or via the API Keys API. In API-only mode, the first key is printed to the server logs on startup.
Some endpoints (API key management) also accept a session cookie, used internally by the dashboard.

Rate limiting

Public endpoints are rate-limited by IP address. Rate limit headers are included in every response: Protected endpoints (API key required) are not subject to public rate limiting.

Endpoints overview

Error responses

All errors follow a consistent shape: