Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.arcmira.com/llms.txt

Use this file to discover all available pages before exploring further.

Every Arcmira v1 endpoint except /v1/health and /v1/openapi.json requires authentication. Pass your key in either of two equivalent headers:
Bearer token (preferred)
Authorization: Bearer arc_sk_your_key
API key header
x-api-key: arc_sk_your_key
The two forms are fully interchangeable. Use whichever your HTTP client supports most cleanly. If both headers are sent, Authorization wins.

Key format

Arcmira keys start with the arc_sk_ prefix and contain 64 hex characters after it. The dashboard only displays the prefix and last 4 characters after creation — the raw secret is shown once, at creation time. 
arc_sk_a1b2c3d4...xxxx

Creating keys

  1. Go to Settings → API Keys.
  2. Click Create key, give it a descriptive name (e.g. production-backend), and select scopes.
  3. Copy the revealed secret immediately and store it in your secrets manager.
  4. Use the Disable action to temporarily revoke a key without deleting it. Deleting is permanent.
You can also manage keys from the legacy Dashboard → API Keys tab; both surfaces hit the same backend.

Storage hygiene

  • Keys are server-side credentials. Do not ship them to browsers, mobile clients, or any environment you don’t control.
  • Rotate keys when team members leave or when one might have been exposed.
  • Each key tracks last_used_at and last_used_ip so you can spot dormant or suspicious keys.
  • Calls against disabled, expired, or revoked keys return 401 invalid_api_key.

Scopes

Every key carries one or more scopes. Endpoints that require write access reject keys missing the relevant scope with 403 insufficient_scope.
ScopeGrants
readAll read endpoints (search, entities, mentions, appearances).
watchlists:writePOST / PATCH / DELETE on /v1/watchlists*.
trackers:writePOST / PATCH / DELETE on /v1/trackers*.
recommendations:read/v1/recommendations, /v1/channels/{id}/sponsors, /v1/mentions?details=full, and commercial recommendations_summary blocks on entity/channel reads. Pro+ only.
recommendations:writePOST /v1/feedback. Pro+ only.
See Scopes for the full matrix and Commercial intelligence for the Pro+ surface.

Verifying a key

The fastest sanity check is /v1/me: 
curl https://api.arcmira.com/v1/me \
  -H "Authorization: Bearer $ARCMIRA_API_KEY"
It returns the resolved user, tier, scopes, configured rate limit, current row usage, and the recommendations_api_enabled flag (true only on Pro+ tiers). If you see a non-200 response, check the error.code value against the error reference.