API Authentication

All authenticated API requests require an API key passed in the request headers.

Using API Keys

Include your API key in the X-Api-Key header:

curl "https://api.cubestack.app/api/v1/{project}/{cube}" \
  -H "X-Api-Key: your-api-key"

Public Endpoints

Cubes with public access enabled can be accessed without authentication:

curl "https://api.cubestack.app/api/v1/{project}/{cube}"

Public endpoints only return columns marked as public in the cube settings.

Security Best Practices

Store API keys in environment variables, not in source code
Use public access for client-side applications
Use API keys only in server-side code
Rotate keys if you suspect they’ve been compromised

API Overview Errors