CommunityPool

API (Pro)

Authentication

All requests require a Pro API key passed in the Authorization header.

Bearer tokens

Pass the key in the Authorization header, prefixed with Bearer:

curl https://api.communitypool.xyz/v1/pools \
  -H "Authorization: Bearer cp_live_..."

Key lifecycle

  • Create. Generate keys from /api-keys inside the dashboard. Each key shows exactly once on creation — copy it immediately.
  • Revoke. Revoking a key takes effect immediately and cannot be undone. Rotate keys by creating a new one first, updating your integration, then revoking the old key.
  • Scope. Keys inherit the permissions of the account that owns them. If the Pro subscription lapses, all keys owned by that account stop working until the subscription resumes.

Errors

  • 401 Unauthorized — missing, malformed, or revoked key.
  • 403 Forbidden — key is valid but the requested resource is outside its scope (e.g., reading a pool the account is not a member of, if access is gated there).
Next: Rate limits