FiveMesh API requests use service keys created from the dashboard.
Keys are scoped to personal resources or organization resources, and can be limited by service, action and CDN path prefix.
Pass the service key as a bearer token.
Authorization: Bearer YOUR_FIVEMESH_API_KEY
curl "$FIVEMESH_API_URL/v1/..." \
-H "Authorization: Bearer $FIVEMESH_API_KEY"
Key scopes
Choose scopes based on where the key runs:
| Scope | Use it when |
|---|
| Personal resources | A script operates services owned by your personal workspace. |
| Organization resources | A script operates services shared with an organization workspace. |
| CDN path prefixes | A script should only read or write selected public asset paths. |
Secret handling
Store service keys in server environment variables, deployment secrets or a server-only configuration file.
The secret is shown once when the key is created. Rotate the key if it has been copied into a client script, repository or browser bundle.
Related pages
