Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.iblueprint.ai/llms.txt

Use this file to discover all available pages before exploring further.

iBlueprint’s API uses API keys for authentication. Every key is scoped to your user account — it can access only the Blueprints and data that belong to you. You generate and manage keys from the iBlueprint dashboard, then pass them as a Bearer token in the Authorization header of each API request.

Generate an API key

  1. Open the iBlueprint web app and go to Settings → API Keys.
  2. Click New API key.
  3. Give the key a descriptive name so you can identify it later (for example, CI pipeline or Local dev).
  4. Click Create. The key is displayed once — copy it immediately.
iBlueprint shows your API key only once, at creation time. If you lose it, you must revoke the key and create a new one. Never share your API key or commit it to source control.

Use your API key

Include your API key in the Authorization header of every request, using the Bearer scheme: 
Authorization: Bearer YOUR_API_KEY

Example: list your Blueprints

curl -G "https://api.iblueprint.ai/api/trpc/blueprint.list" \
  --data-urlencode 'input={"json":{"page":1}}' \
  -H "Authorization: Bearer YOUR_API_KEY"

Example: execute a Blueprint

curl -X POST https://api.iblueprint.ai/api/trpc/blueprint.execute \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"json": {"id": "<blueprint-id>", "variables": {}}}'

Example: check execution status

curl -G "https://api.iblueprint.ai/api/trpc/execution.getExecutionStatus" \
  --data-urlencode 'input={"json":{"executionId":"exec_abc123"}}' \
  -H "Authorization: Bearer YOUR_API_KEY"
The iBlueprint API is built on tRPC and served at /api/trpc. Queries use GET requests and mutations use POST requests. See the API reference for the full list of endpoints and their expected inputs.

Manage API keys

All keys you create appear in Settings → API Keys with their name and creation date. To revoke a key, click the trash icon next to it. Revoked keys stop working immediately — any service using that key will receive a 401 Unauthorized response.
Create a separate API key for each environment or integration (for example, one for local development and one for your production pipeline). That way you can revoke a single key without disrupting other services.

Keep keys secure

  • Store API keys in environment variables, not in source code.
  • Use a secrets manager (such as AWS Secrets Manager, HashiCorp Vault, or GitHub Actions secrets) in CI/CD pipelines.
  • Rotate keys periodically and immediately if you suspect a key has been exposed.
  • Revoke keys that are no longer in use.

Related