API Reference
Authentication
How to create and use API keys to authenticate with the FloopFloop API.
API Key Authentication
All API requests must include your API key in the Authorization header using the Bearer token scheme:
Authorization: Bearer flp_your_api_key_hereCreating API Keys
Navigate to Account → API Keys in your FloopFloop dashboard to create and manage API keys.
- Each account can have up to 5 active API keys
- Keys are shown only once at creation — store them securely
- Keys can be revoked at any time from the dashboard
- All keys start with the prefix
flp_
Key Security
- Never share your API keys or commit them to version control
- Use environment variables to store keys in your applications
- Rotate keys regularly and revoke unused keys
- Each key has its own rate limit bucket
Rate Limits
API endpoints have the following rate limits per API key:
| Operation | Limit | Window |
|---|---|---|
| Read operations (GET) | 120 requests | 1 minute |
| Write operations (POST/PATCH/DELETE) | 30 requests | 1 minute |
| Deploy/Rollback | 5 requests | 1 hour |
| Project creation/Clone | 10 requests | 1 hour |
Rate limit information is included in response headers:X-RateLimit-Remaining and X-RateLimit-Reset.