API Authentication
Learn how to authenticate with the OpenBoxes Lift API.
Authentication Methods
OpenBoxes Lift supports two authentication methods:
- API Keys - Best for server-to-server integrations
- OAuth 2.0 (JWT) - Best for user-facing applications
API Keys
Generate an API key from your account settings. Include it in requests using the X-API-Key header:
curl -X GET "https://api.openboxes.cloud/api/v1/inventory" \
-H "X-API-Key: ob_live_abc123..."OAuth 2.0
For OAuth authentication, first obtain an access token:
curl -X POST "https://auth.openboxes.cloud/oauth/token" \
-d "grant_type=client_credentials" \
-d "client_id=YOUR_CLIENT_ID" \
-d "client_secret=YOUR_CLIENT_SECRET"Then include the token in requests:
curl -X GET "https://api.openboxes.cloud/api/v1/inventory" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"Rate Limits
API rate limits vary by tier:
- Shared: 1,000 requests/hour
- Dedicated: 25,000 requests/hour
- Enterprise: Custom limits