Overview
Authentication API overview, base URL, and common patterns
All LegionEdge Platform API requests must be authenticated. This page covers the base URL, authentication methods, rate limits, and error handling conventions.
Base URL
All API requests target the following base URL:
https://api.legionedge.com/v2For sandbox/testing environments:
https://api.sandbox.legionedge.com/v2Authentication Methods
Include credentials in every request using one of these methods:
Bearer Token (OAuth)
curl -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIs..." \
https://api.legionedge.com/v2/projectsAPI Key
curl -H "X-API-Key: le_live_abc123def456" \
https://api.legionedge.com/v2/projectsSDK Authentication
import { LegionEdge } from "@legionedge/sdk";
// API key
const client = new LegionEdge({ apiKey: "le_live_abc123def456" });
// OAuth token
const client = new LegionEdge({ accessToken: "eyJhbGciOiJSUzI1NiIs..." });Common Headers
| Header | Description |
|---|---|
Authorization | Bearer token (Bearer {token}) |
X-API-Key | API key for server-to-server auth |
Content-Type | application/json for request bodies |
X-Request-Id | Optional client-generated request ID for tracing |
X-Org-Id | Override the default organization (for multi-org keys) |
Rate Limits
Rate limits are applied per authentication credential:
| Plan | Requests/Minute | Burst |
|---|---|---|
| Free | 60 | 10 |
| Pro | 600 | 100 |
| Enterprise | 6,000 | 1,000 |
Rate limit headers are included in every response:
X-RateLimit-Limit: 600
X-RateLimit-Remaining: 594
X-RateLimit-Reset: 1700000060Error Codes
The API uses standard HTTP status codes with a consistent error body:
{
"error": {
"code": "authentication_failed",
"message": "The provided API key is invalid or has been revoked.",
"status": 401,
"requestId": "req_abc123"
}
}Common Error Codes
| Status | Code | Description |
|---|---|---|
400 | invalid_request | Malformed request body or missing required fields |
401 | authentication_failed | Invalid or expired credentials |
403 | insufficient_permissions | Valid credentials but lacking required permissions |
404 | not_found | Requested resource does not exist |
409 | conflict | Resource already exists or state conflict |
422 | validation_error | Request body fails validation |
429 | rate_limit_exceeded | Too many requests |
500 | internal_error | Unexpected server error |
Handling Errors in the SDK
import { LegionEdge, LegionEdgeError } from "@legionedge/sdk";
const client = new LegionEdge({ apiKey: process.env.LEGIONEDGE_API_KEY! });
try {
const project = await client.projects.get("proj_nonexistent");
} catch (err) {
if (err instanceof LegionEdgeError) {
console.error(`[${err.code}] ${err.message}`);
console.error(`Request ID: ${err.requestId}`);
console.error(`Status: ${err.status}`);
}
}Pagination
List endpoints support cursor-based and offset-based pagination:
# Offset-based
GET /v2/projects?page=2&per_page=20
# Cursor-based
GET /v2/projects?cursor=eyJpZCI6InByb2pfYWJj&limit=20Next Steps
- Set up OAuth authentication for user-facing apps.
- Manage API keys for server-to-server integrations.