Authentication

Every request to the Sevalla API must include a valid API key in the Authorization header.

Get an API key

Open the dashboard

Go to API Keys in your Sevalla dashboard.

Create a key

Click Create API Key, give it a name, and select the permissions it needs.

Copy the key

You’ll only see the full key once. Store it somewhere safe.

Using the key

Pass your API key as a Bearer token in the Authorization header:

curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.sevalla.com/v3/applications

All requests must use HTTPS. HTTP requests will be rejected.

Scoped keys

API keys can be scoped to specific permissions. Create a key with only the access it needs, for example read-only for monitoring or deploy-only for CI pipelines. You can manage keys through the API or from the dashboard.

Create a separate API key for each integration or environment. If a key is compromised, you can rotate or revoke it without affecting your other tools.

Error responses

If authentication fails, you’ll get one of these responses:

Status	Meaning
`401 Unauthorized`	Missing or invalid API key. Check that your `Authorization` header is formatted correctly.
`403 Forbidden`	The API key is valid but doesn’t have permission for this action. Create a key with broader scope or contact your team admin.

Getting Started

Projects

Applications

Pipelines

Databases

Static Sites

Object Storage

Load Balancers

Global Environment Variables

API Keys

Webhooks

Docker Registries

Users

Resources

Device Authorization

Get an API key

Using the key

Scoped keys

Error responses

Getting Started

Projects

Applications

Pipelines

Databases

Static Sites

Object Storage

Load Balancers

Global Environment Variables

API Keys

Webhooks

Docker Registries

Users

Resources

Device Authorization

​Get an API key

​Using the key

​Scoped keys

​Error responses

Get an API key

Using the key

Scoped keys

Error responses