Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.runflow.io/llms.txt

Use this file to discover all available pages before exploring further.

Every Runflow API request needs an Authorization: Bearer <token> header. Requests without a valid token return 401 Unauthorized. 
Authorization: Bearer YOUR_API_KEY

Get a key

  1. Sign in at app.runflow.io.
  2. Open Settings -> API Keys, click Create.
  3. Copy the token. It is shown once.
  4. Save it as RUNFLOW_API_KEY in your secret manager.

Example

export RUNFLOW_API_KEY="your_token_here"

curl https://api.runflow.io/v1/auth/me \
  -H "Authorization: Bearer $RUNFLOW_API_KEY"
A 200 with your account payload confirms the key works.

Rotate

Compromised key? Revoke it from the dashboard, create a new one, deploy. No downtime if you keep both keys live during cutover.

Best practices

  • Read the token from an env var or secret manager. Never commit it.
  • Use distinct keys per environment so a leak in staging cannot touch prod.
  • Call the API from your backend, not the browser.
  • Watch for 401 spikes. They usually mean a leaked or rotated key.

Errors

Status codes and the error envelope.

Get started

Make your first authenticated call.