Management API
Management and Deployment API documentation for api.spice.ai
The Spice.ai Management API (api.spice.ai) provides programmatic access to manage your Spice.ai Cloud resources including apps, deployments, secrets, API keys, and organization members.
Base URL
https://api.spice.aiAPI Version
All API endpoints are versioned under /v1:
https://api.spice.ai/v1Authentication
The Management API supports three authentication methods:
1. Personal Access Tokens (PATs)
Personal Access Tokens are user-scoped tokens that provide secure, long-lived access to the API. PATs are recommended for:
CLI tools and automation scripts
CI/CD pipelines
Personal integrations
Creating a PAT:
Sign in to Spice.ai Cloud Portal
Navigate to Profile → Personal Access Tokens
Click Create Token
Select an organization and configure scopes
Copy the token (it won't be shown again)
Using a PAT:
Learn more: Personal Access Tokens
2. OAuth 2.0 Client Credentials
OAuth client credentials are organization-scoped tokens ideal for:
Service-to-service authentication
Multi-tenant applications
Third-party integrations
Using OAuth:
3. User Session Tokens (CLI)
The Spice CLI uses user session tokens obtained through the browser-based login flow. These tokens provide full access to resources in your personal organization.
OAuth Scopes
Access to API resources is controlled through scopes. PATs and OAuth clients must be granted appropriate scopes:
*
Full access to all resources (not recommended for production)
apps:read
Read app information
apps:write
Create and update apps
apps:delete
Delete apps
deployments:read
View deployment status and history
deployments:write
Create new deployments
secrets:read
List and view secrets (values are masked)
secrets:write
Create, update, and delete secrets
config:read
Read app configuration
config:write
Update app configuration
members:read
View organization members
members:write
Add and update organization members
members:delete
Remove organization members
Scope Hierarchy:
Write scopes (
apps:write) imply read access (apps:read)Wildcard scope (
*) grants all permissions
Rate Limiting
The API implements rate limiting to ensure service stability:
Per-user: 1000 requests per minute
Per-organization: 10,000 requests per minute
Rate limit information is included in response headers:
Error Responses
The API uses standard HTTP status codes:
200 OK
Request succeeded
201 Created
Resource created successfully
202 Accepted
Request accepted (async operation)
204 No Content
Request succeeded with no response body
400 Bad Request
Invalid request body or parameters
401 Unauthorized
Missing or invalid authentication
403 Forbidden
Insufficient scope or permissions
404 Not Found
Resource not found
409 Conflict
Resource already exists or conflict
429 Too Many Requests
Rate limit exceeded
500 Internal Server Error
Server error
Error Response Format:
Pagination
List endpoints support pagination through query parameters:
limit
integer
20
Maximum number of items to return (max: 100)
offset
integer
0
Number of items to skip
OpenAPI Specification
Interactive API documentation is available at:
Download the OpenAPI specification:
SDK Support
Official SDKs are available for popular languages:
Endpoints
Health - API health check
Regions - List available deployment regions
Apps - Manage Spice apps
Deployments - Deploy and manage app deployments
Secrets - Manage app secrets
API Keys - Manage app API keys
Members - Manage organization members
Container Images - List available runtime versions
Terraform Provider
The Management API supports infrastructure-as-code workflows through the Spice.ai Terraform Provider. See the Terraform Provider page for full documentation including resources, data sources, import, and complete examples.
Examples
List all apps
Create a new app
Create a deployment
Add a secret
Support
For questions or issues with the Management API:
Last updated
Was this helpful?