We originally launched the Marble API using Workspace IDs in the URL for authorization. While this worked for getting started quickly, it wasn't ideal since Workspace IDs couldn't be rotated. Many of you requested a better way to authenticate, and we listened.
You can now make requests by passing your unique API key in the Authorization header. This is a much safer approach that allows you to rotate keys if they are ever compromised.
const response = await fetch("https://api.marblecms.com/v1/posts", {
headers: {
"Authorization": "Bearer YOUR_API_KEY"
}
});You can generate and manage your API keys directly from your dashboard. While today's keys are purely for read access, in the near future, we'll be introducing Private Keys to grant write permissions to your workspace, allowing full programmatic control over your content.
Read more about authentication in our API documentation.