Authentication

The Renovatr API supports two authentication methods: API keys (recommended for integrations) and session cookies (used by the web app).

API Key Authentication

API keys are project-scoped and carry granular permissions. Pass your key in the X-API-KEY header:

curl https://beta.renovatr.app/api/v1/me \
  -H "X-API-KEY: your-api-key-here"

Each API key is tied to a specific project and has its own set of permissions. Operations on other projects will return 403 Forbidden.

Base URL

All API endpoints are prefixed with:

https://beta.renovatr.app/api/v1

For self-hosted instances, replace beta.renovatr.app with your domain.

Session Authentication

The Renovatr web application uses Auth0 session cookies (appSession). This method is used automatically when you're logged into the app and is not intended for external integrations.

Authentication Errors

Status	Meaning
`401`	Missing or invalid API key / session
`403`	Valid credentials but insufficient permissions

{
  "error": "Unauthorized"
}

Next Steps

Set up an API key in your project settings
Make your first request with curl or JavaScript

API Key Authentication​

Base URL​

Session Authentication​

Authentication Errors​

Next Steps​

API Key Authentication

Base URL

Session Authentication

Authentication Errors

Next Steps