Authentication
All authenticated API requests require a Bearer token in the Authorization header.
API key format
Luxkern API keys follow the pattern:
bash
lxk_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxlxk_live_— Production key prefixlxk_test_— Test/sandbox key prefix
Using the key
bash
curl https://api.luxkern.com/v1/cronsafe/monitors \ -H "Authorization: Bearer lxk_live_xxx"Scopes
Each key can be scoped to specific tools and permissions:
| Scope | Description |
|---|---|
| cronsafe:read | Read CronSafe monitors and pings |
| cronsafe:write | Create, update, delete monitors |
| logdrain:write | Ingest logs |
| flags:read | Evaluate feature flags |
| * | Full access (all tools, all permissions) |
Best practices
- Use the narrowest scope possible for each integration.
- Set an expiration date on keys used in CI/CD pipelines.
- Rotate keys regularly and revoke unused ones.
- Never commit API keys to version control. Use environment variables.