FlowCaptainFC
Registrieren

Authentication

How to authenticate with the FlowCaptain API using Bearer tokens and API keys.

Authentication

All FlowCaptain API requests require authentication via a Bearer token in the Authorization header.

API Key Authentication

Authorization: Bearer sk_live_your_api_key_here

API keys are scoped to a specific calendar. Every request authenticated with a key will operate on that calendar's configuration, opening hours, and Google Calendar.

Request Example

curl -X POST https://api.flowcaptain.ai/api/v1/check-availability \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer sk_live_your_api_key" \
  -d '{"query": "next Monday"}'

Error Responses

Missing or invalid API key:

{
  "error": "Unauthorized",
  "message": "Invalid or missing API key"
}

HTTP Status: 401 Unauthorized

Key belongs to a deactivated calendar:

{
  "error": "Forbidden",
  "message": "This calendar is not active"
}

HTTP Status: 403 Forbidden

MCP Authentication

The MCP endpoint (POST /mcp) uses the same Bearer token authentication:

Authorization: Bearer sk_live_your_api_key

The Accept header must include application/json, text/event-stream for MCP requests.