Scanix Docs

Authentication

How to authenticate API requests with a Scanix API key.

Every request to api.scanix.co/v1 must carry a bearer token in the Authorization header.

Authorization: Bearer scx_live_••••••••••••

Issuing a key

Create keys from your portal API keys page. Each key:

  • Belongs to one organization
  • Inherits the permissions of the operator who issued it
  • Can be revoked at any time without rotating other keys

Treat keys as production secrets

A leaked key gives the holder full org-scoped read/write. If you suspect exposure, rotate immediately:

  1. Open API keys in the portal.
  2. Click Revoke on the affected key.
  3. Issue a new one and redeploy any service that used the old value.

We log every API call against a key — operators can review usage from the admin audit log.

Rate limits

The default limit is 600 requests per minute per key. Bursts above that return 429 Too Many Requests with a Retry-After header. If your workload genuinely needs more, file a ticket from Support describing your use case.

Overview

A quick tour of what the Scanix HTTP API can do today and what's coming next.

On this page

Issuing a keyTreat keys as production secretsRate limits
Authentication — Scanix Docs · Scanix