Skip to main content

API keys

API keys provide programmatic access to the Magnet API. They’re scoped to an organization and grant access to all resources within it.

Creating an API key

  1. Go to Settings > API Keys in the Magnet dashboard
  2. Click Create API Key
  3. Copy and securely store the key — it won’t be shown again

Using an API key

Include your API key in requests using one of these methods: 
curl -H "x-api-key: YOUR_API_KEY" \
  https://magnet.run/api/sessions
When using an API key, the organization is automatically resolved from the key — you don’t need to pass organizationId separately.

Browser authentication

When you use the Magnet dashboard, authentication is handled automatically when you sign in. No additional setup is needed.
Some actions — like creating a session — can only be performed from the dashboard (not via API key), since they need to be attributed to a specific user.

Authorization

Magnet checks that you have access to the requested organization:
  • API key — the key must belong to the target organization
  • Dashboard — you must be a member of the organization
Requests to resources outside your organization return 403 Forbidden.

Error responses

StatusMeaning
401 UnauthorizedMissing or invalid credentials
403 ForbiddenValid credentials but no access to the requested organization