Cloud API Platform Docs
Docs
Cloud API Platform
Fast, reliable REST API for building scalable cloud applications. Integrate in minutes with simple authentication, comprehensive documentation, and production-ready endpoints.
Simple Integration
RESTful design with minimal dependencies and clear documentation.
Fast Response Times
Optimized infrastructure for sub-100ms latency on most requests.
Reliable Uptime
99.9% SLA with redundant systems and comprehensive monitoring.
Quick Start
Get started in 60 seconds with a simple API request:
curl -X GET https://api.cloudplatform.io/v1/status \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json"
# Response:
{
"status": "operational",
"version": "v1",
"uptime": "99.94%"
}Authentication
Secure your API requests using either API keys or bearer tokens. Choose the authentication method that best fits your use case and always follow security best practices to protect your credentials.
API Key Authentication
API keys are simple tokens that identify your application. Include your API key in the X-API-Key header for each request.
Retrieve Your API Key
- Log in to your account dashboard
- Navigate to API Settings
- Click "Generate New Key"
- Copy and store securely (see Security Best Practices below)
Bearer Token Authentication
Bearer tokens are used for OAuth 2.0 flows and are ideal for user-delegated access. Include your token in the Authorization header with the Bearer scheme.
Tokens are typically short-lived and may require periodic refresh. Always validate token expiry before making requests.
Required Headers
Include these headers in all API requests:
Header
X-API-Key
Value
Your API key
Required
Yes (API Key auth)
Header
Authorization
Value
Bearer <token>
Required
Yes (Bearer auth)
Header
Content-Type
Value
application/json
Required
Yes (for POST/PUT)
Environment Variables
Store your credentials in environment variables instead of hardcoding them in your application:
Example .env file
# API Configuration
CLOUD_API_KEY=your_api_key_here
CLOUD_API_BASE_URL=https://api.cloudplatform.com/v1
CLOUD_API_TIMEOUT=30000Access in your code (Node.js example)
const apiKey = process.env.CLOUD_API_KEY;
const baseUrl = process.env.CLOUD_API_BASE_URL;
const headers = {
'X-API-Key': apiKey,
'Content-Type': 'application/json'
};Example Request
Using cURL
curl -X GET https://api.cloudplatform.com/v1/data \
-H "X-API-Key: your_api_key" \
-H "Content-Type: application/json"Using JavaScript (Fetch)
const response = await fetch('https://api.cloudplatform.com/v1/data', {
method: 'GET',
headers: {
'X-API-Key': process.env.CLOUD_API_KEY,
'Content-Type': 'application/json'
}
});
const data = await response.json();Using Python (Requests)
import requests
import os
headers = {
'X-API-Key': os.getenv('CLOUD_API_KEY'),
'Content-Type': 'application/json'
}
response = requests.get('https://api.cloudplatform.com/v1/data', headers=headers)
data = response.json()Security Best Practices
Never Expose API Keys
- Do not commit API keys to version control (Git, GitHub, etc.)
- Do not expose keys in client-side code or frontend applications
- Do not share keys via email or chat applications
- Store keys only on secure, server-side environments
Rotate Keys Regularly
- Rotate API keys every 90 days or after suspected compromise
- Keep at least one backup key active during rotation
- Revoke old keys immediately after verifying new ones work
- Test key rotation in development before production
Server-Side Storage Only
- Store API keys in environment variables or secure vaults (e.g., AWS Secrets Manager, HashiCorp Vault)
- Use encrypted storage for sensitive data
- Implement strict access controls on key storage systems
- Log and monitor all API key usage and rotation events
Always Use HTTPS
- All API requests must use HTTPS (TLS 1.2 or higher)
- Never use HTTP for authentication requests
- Verify SSL/TLS certificates to prevent man-in-the-middle attacks
Limit Key Scope and Rate Limits
- Create separate API keys for different environments (dev, staging, production)
- Grant minimum necessary permissions to each key
- Implement rate limiting and monitor for unusual activity
- Set up alerts for unauthorized or excessive API calls
API Endpoints
Explore the core endpoints of our cloud API platform. Each endpoint includes authentication requirements, parameters, and response examples. All endpoints use REST conventions and return JSON responses.
/resources
List all resources available in your account. Supports pagination and filtering by status.
Parameters
limit— Number of results per page (default: 20, max: 100)offset— Pagination offset (default: 0)status— Filter by status: active or inactive
{
"data": [
{
"id": "res_1a2b3c",
"name": "Production Database",
"type": "database",
"status": "active",
"region": "us-west-2",
"created_at": "2026-04-15T10:30:00Z"
}
],
"pagination": {
"limit": 20,
"offset": 0,
"total": 145
}
}/resources/:id
Retrieve complete details of a specific resource by its unique identifier.
Path Parameters
idrequired— Unique resource identifier
{
"id": "res_1a2b3c",
"name": "Production Database",
"type": "database",
"status": "active",
"region": "us-west-2",
"created_at": "2026-04-15T10:30:00Z",
"updated_at": "2026-04-20T15:45:22Z",
"tags": ["production", "critical"],
"connection_count": 12
}/resources
Create a new resource in your account. Requires valid authentication and a properly formatted request body.
Request Body
namerequired— Display name for the resourcetyperequired— Resource type: database, cache, or storageregion— AWS region (default: us-east-1)tags— Array of string tags for organization
{
"id": "res_9x8y7z",
"name": "Staging Cache",
"type": "cache",
"status": "active",
"region": "eu-central-1",
"created_at": "2026-04-27T09:15:00Z",
"updated_at": "2026-04-27T09:15:00Z",
"tags": ["staging", "cache"],
"connection_count": 0
}/resources/:id
Permanently delete a resource from your account. This action cannot be reversed. Resources with active connections cannot be deleted.
Path Parameters
idrequired— Unique resource identifier
{
"success": true,
"message": "Resource deleted successfully",
"deleted_id": "res_1a2b3c",
"deleted_at": "2026-04-27T10:22:15Z"
}API Requirements
- All endpoints require authentication via API key or OAuth token. See the Authentication section for details.
- Include your API key in the
Authorization: Bearerheader with each request. - Rate limit: 1,000 requests per minute per API key. Rate limit status is included in response headers.
- HTTP status code
200indicates success. See error responses for status codes4xxand5xx.
Frequently Asked Questions
Common questions about the Cloud API Platform, authentication, rate limits, SDKs, and support.
What are the API rate limits?
Our API implements a tiered rate limiting system:
- Free Tier: 100 requests/minute
- Professional: 1,000 requests/minute
- Enterprise: Custom limits (contact sales)
Rate limit status is returned in response headers:
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 987
X-RateLimit-Reset: 1619827200When limits are exceeded, the API returns a 429 Too Many Requests response.
How is API versioning handled?
We use URL-based versioning. The current stable version is v1. All API endpoints are prefixed with the version:
https://api.cloudplatform.io/v1/resources
https://api.cloudplatform.io/v1/auth/tokenWe maintain backward compatibility within major versions. Deprecation notices are provided 6 months before removing any endpoint or parameter.
Check the Endpoints section for the latest version information.
How should I handle API errors?
All errors return a consistent JSON structure with HTTP status codes:
{
"error": {
"code": "INVALID_REQUEST",
"message": "Missing required parameter: api_key",
"request_id": "req_1a2b3c4d5e"
}
}Common status codes:
400– Bad Request401– Unauthorized403– Forbidden429– Rate Limited500– Server Error
Always include the request_id when contacting support.
Can I test the API in a sandbox environment?
Yes! We provide a fully functional sandbox environment for testing:
Sandbox: https://sandbox.api.cloudplatform.io/v1
Production: https://api.cloudplatform.io/v1The sandbox uses the same API specification and returns realistic responses. No actual resources are created or billed. Get started by requesting sandbox credentials from your account dashboard.
We recommend developing and testing all integrations in sandbox before moving to production.
What SDKs are available?
We maintain official SDKs for popular languages:
- Python:
pip install cloudplatform-sdk - JavaScript/Node.js:
npm install @cloudplatform/sdk - Go:
go get github.com/cloudplatform/go-sdk - Java:
Maven and Gradle support available - Ruby:
gem install cloudplatform
All SDKs are open-source and available on GitHub. Community-maintained SDKs for other languages are also available.
What are the support options and SLA?
Support options vary by plan:
- Free Tier: Community forums & GitHub issues
- Professional: Email support (24-hour response), SLA 99.5%
- Enterprise: Priority support (1-hour response), SLA 99.99%, dedicated account manager
Our status page at status.cloudplatform.io provides real-time platform status and incident history.
For critical production issues, use the emergency contact method provided in your account settings.
How do I authenticate API requests?
We support two authentication methods:
1. API Key (Recommended for simple integrations)
Authorization: Bearer your_api_key_here2. OAuth 2.0 (Recommended for user-facing applications)
For detailed authentication setup, see the Authentication section.
What response formats does the API support?
The API supports both JSON and MessagePack response formats:
Content-Type: application/json (default)
Content-Type: application/msgpackRequest the format using the Accept header:
Accept: application/json
Accept: application/msgpackJSON is the default and recommended for most use cases. MessagePack is useful for high-performance or bandwidth-constrained scenarios.
Can't find what you're looking for? Check out our full API documentation or contact our support team.