Authentication
The RespawnHost API uses Bearer token authentication. Generate API keys from your account dashboard with specific scopes for granular access control.
Making Authenticated Requests
Include your API key in the Authorization header:
curl -X GET "https://respawnhost.com/api/v1/servers" \
-H "Authorization: Bearer YOUR_API_KEY"
Using the TypeScript SDK
With the official @respawnhost/sdk, authentication is handled automatically:
import { RespawnHostClient } from '@respawnhost/sdk';
const client = new RespawnHostClient({
apiKey: 'your-api-key',
baseURL: 'https://respawnhost.com' // Optional, this is the default
});
We recommend storing your API key in an environment variable:
const client = new RespawnHostClient({
apiKey: process.env.RESPAWNHOST_API_KEY!
});
Required Headers
| Header | Value | Required |
|---|---|---|
| Authorization | Bearer YOUR_API_KEY |
Yes |
| Content-Type | application/json |
For POST/PUT/PATCH |
API Key Scopes
When creating an API key, select only the scopes you need:
| Scope | Description |
|---|---|
server.read |
View server details and status |
server.write |
Modify server settings, aliases, startup variables |
server.delete |
Delete servers |
server.files |
Read, write, and manage server files |
server.backup |
Create, restore, and delete backups |
server.database |
Manage server databases |
server.share |
Share servers with other users |
payment.read |
View payment history and download invoices |
transaction.read |
View transaction details |
Error Responses
| Status | Description |
|---|---|
| 401 | Missing or invalid API key |
| 403 | API key lacks required scope |
| 404 | Resource not found |
Security Best Practices
- Never commit API keys to version control
- Use environment variables to store keys (the SDK supports
process.env.RESPAWNHOST_API_KEY) - Create separate keys for different applications
- Use the minimum required scopes
- Rotate keys periodically