API Overview
Get started with the Creation Rights REST API. Covers authentication, endpoints, and conventions.
Base URL
All API requests are made to:
https://api.creationrights.com/v1
The API uses HTTPS exclusively. HTTP requests are redirected.
Authentication
Authenticate using a Bearer token in the Authorization header:
curl -H "Authorization: Bearer YOUR_API_KEY" \
https://api.creationrights.com/v1/projectsGetting an API Key
- Go to Settings → API Keys
- Click Create Key
- Give the key a name and select permission scopes
- Copy the key. It's only shown once
API keys inherit the permissions of the user who created them, scoped further by the selected permissions.
Request Format
- Content-Type:
application/jsonfor request bodies - Method: Standard REST verbs:
GET,POST,PUT,PATCH,DELETE - Pagination: Cursor-based using
cursorandlimitquery parameters - Filtering: Field-specific query parameters (e.g.,
?status=active)
Example: Create a Project
curl -X POST https://api.creationrights.com/v1/projects \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "Summer Campaign",
"description": "Assets for the summer 2026 campaign",
"visibility": "private"
}'Response Format
All responses follow a consistent envelope:
{
"data": { ... },
"meta": {
"request_id": "req_abc123",
"timestamp": "2026-04-08T12:00:00Z"
}
}List Responses
List endpoints return paginated results:
{
"data": [ ... ],
"meta": {
"total": 142,
"cursor": "eyJpZCI6MTAwfQ",
"has_more": true
}
}Pass cursor to the next request to get the next page.
Error Handling
Errors return an appropriate HTTP status code with a structured body:
{
"error": {
"code": "validation_error",
"message": "The 'name' field is required.",
"details": [
{ "field": "name", "issue": "required" }
]
}
}Common Status Codes
| Code | Meaning |
|---|---|
200 | Success |
201 | Created |
400 | Bad request. Check the error details |
401 | Unauthorized. Invalid or missing API key |
403 | Forbidden. Insufficient permissions |
404 | Not found |
429 | Rate limited. See Retry-After header |
500 | Internal server error |
Rate Limiting
Rate limits vary by plan. See Plans & Limits for details.
Rate limit headers are included in every response:
X-RateLimit-Limit: 300
X-RateLimit-Remaining: 298
X-RateLimit-Reset: 1712563200
Core Endpoints
Projects
| Method | Endpoint | Description |
|---|---|---|
GET | /projects | List all projects |
POST | /projects | Create a project |
GET | /projects/:id | Get a project |
PATCH | /projects/:id | Update a project |
DELETE | /projects/:id | Delete a project |
Assets
| Method | Endpoint | Description |
|---|---|---|
GET | /assets | List assets |
POST | /assets | Upload an asset |
GET | /assets/:id | Get asset details |
PATCH | /assets/:id | Update asset metadata |
DELETE | /assets/:id | Delete an asset |
Agents
| Method | Endpoint | Description |
|---|---|---|
GET | /agents | List available agents |
POST | /agents/run | Run an agent |
GET | /agents/runs/:id | Get execution status |
Workflows
| Method | Endpoint | Description |
|---|---|---|
GET | /workflows | List workflows |
POST | /workflows | Create a workflow |
POST | /workflows/:id/run | Trigger a workflow |
GET | /workflows/runs/:id | Get run status |
SDKs
Official SDKs are available for:
- JavaScript/TypeScript:
npm install @creationrights/sdk - Python:
pip install creationrights
Both SDKs provide typed interfaces for all API endpoints, handle authentication, and manage pagination automatically.
Webhooks
Creation Rights can send HTTP callbacks when events occur. Configure webhooks in Settings → Webhooks.
Supported events include:
asset.created,asset.updated,asset.deletedproject.created,project.updatedworkflow.completed,workflow.failedagent.completed,agent.failedtalent.cleared,talent.flagged
Each webhook payload includes the event type, timestamp, and relevant data.