Authentication
All API requests require a Bearer token. This page explains how to create and manage API keys.
Every request to the CacheBoost API must include an Authorization header with a Bearer token.
Authorization: Bearer cb_live_<your-api-key>Create an API key
- Go to your profile page.
- Click Create API key.
- Give the key a name and select the scopes it needs.
- Optionally restrict the key to specific sites.
- Click Create. Copy the key — it is shown only once.
Scopes
| Scope | Access |
|---|---|
sites:read | List and get sites |
sites:write | Create and delete sites, manage sitemaps |
boosts:read | List and get boosts |
boosts:write | Create, update, delete, and run boosts |
runs:read | List and get runs |
Key format
API keys have the format cb_live_ followed by 32 hex characters. Only the first 8 characters of the key suffix are stored in the dashboard for identification — the full key cannot be retrieved after creation.
Revoking a key
On the profile page, click Revoke next to any key. Revocation is immediate.
Store keys in environment variables or a secrets manager. Never commit them to source control.