Authentication
All API requests require authentication using an API key.
Getting your API key
- Log in to your Origami Dashboard
- Click Generate Key
- Copy your key immediately — it will only be shown once
- Store it securely
Your API key is shown only once during creation. If you lose it, you’ll need to generate a new one. Keep it secret and never expose it in client-side code.
Using your API key
Include your API key in the x-origami-key header with every request:
curl -X POST https://api.origamiagents.com/api/v1/workflows/{workflowId}/runs/async \
-H "x-origami-key: your-api-key" \
-H "Content-Type: application/json" \
-d '{"nodes": {}}'
Rate Limits
API requests are rate limited to ensure fair usage:
| Endpoint | Global Limit | Per-Resource Limit |
|---|
Trigger Run (POST /workflows/{id}/runs/async) | 50 requests/min | 30 requests/min per workflow |
Check Status (GET /workflows/{id}/runs/{runId}/async/status) | 50 requests/min | 6 requests/min per run |
Get Response (GET /workflows/{id}/runs/{runId}/async/response) | 50 requests/min | — |
429 response with a Retry-After header indicating when you can retry.
Error Responses
Authentication errors return the following format:
{
"success": false,
"error": "Invalid API key"
}
| Status Code | Meaning |
|---|
401 | Invalid or missing API key |
403 | API key doesn’t have access to this workflow |
404 | Workflow not found |
