The API provides programmatic access to R4 platform features using API key authentication. It's designed for automation, integrations, and server-to-server communication.
The API enables you to:
All API endpoints are available at:
https://r4.dev/api/v1/machine
All API requests require authentication using an API key. See the Authentication guide for details on generating and using API keys.
Include your API key in the X-API-Key header:
curl -X GET "https://r4.dev/api/v1/machine/domain-manager/dns-records?domain=example.com" \
-H "X-API-Key: rk_abc123def456.ghijklmnopqrstuvwxyz"API requests are rate limited to ensure fair usage:
| Limit Type | Value |
|---|---|
| Per minute | 100 requests |
| Per day | 10,000 requests |
When you exceed the rate limit, you'll receive a 429 Too Many Requests response:
{
"error": {
"code": "rate_limit_exceeded",
"message": "Rate limit exceeded. Please wait before making additional requests."
}
}All API errors follow a consistent format:
{
"error": {
"code": "error_code",
"message": "Human-readable error message"
}
}| Code | HTTP Status | Description |
|---|---|---|
unauthorized | 401 | Invalid or missing API key |
forbidden | 403 | API key doesn't have access to this resource |
not_found | 404 | The requested resource was not found |
rate_limit_exceeded | 429 | Too many requests |
internal_error | 500 | An unexpected error occurred |
Manage DNS records for domains in your organization.
| Endpoint | Method | Description |
|---|---|---|
/domain-manager/dns-records | GET | Get DNS records for a domain |
Create and manage projects — organizational units that contain vaults, licenses, and license groups.
| Endpoint | Method | Description |
|---|---|---|
/project | GET | List all projects |
/project | POST | Create a new project |
/project/:id | GET | Get project details with associated resources |
Manage encrypted vaults and vault items for secret storage and retrieval.
| Endpoint | Method | Description |
|---|---|---|
/vault | POST | Create a new vault |
/vault | GET | List all vaults (optionally filter by project) |
/vault/env/:projectId | GET | Get environment variables for a project |
/vault/encryption-key | GET | Get the encryption key for an encrypted vault |
/vault/:vaultId | GET | Get vault details |
/vault/:vaultId | DELETE | Archive a vault |
/vault/:vaultId/items | POST | Create a vault item |
/vault/:vaultId/items | GET | List vault items |
/vault/:vaultId/items/:itemId | GET | Get vault item details with secrets |
/vault/:vaultId/items/:itemId | DELETE | Archive a vault item |
See the API Reference for full request/response documentation.
We provide an official Node.js SDK for interacting with the API. See the @r4security/sdk package for installation and usage.
import requests
API_KEY = "rk_abc123def456.ghijklmnopqrstuvwxyz"
BASE_URL = "https://r4.dev/api/v1/machine"
def list_projects() -> dict:
response = requests.get(
f"{BASE_URL}/project",
headers={"X-API-Key": API_KEY}
)
response.raise_for_status()
return response.json()
def list_vault_items(vault_id: str) -> dict:
response = requests.get(
f"{BASE_URL}/vault/{vault_id}/items",
headers={"X-API-Key": API_KEY}
)
response.raise_for_status()
return response.json()
# Usage
projects = list_projects()
print(projects)const API_KEY = 'rk_abc123def456.ghijklmnopqrstuvwxyz'
const BASE_URL = 'https://r4.dev/api/v1/machine'
async function listProjects() {
const response = await fetch(`${BASE_URL}/project`, {
headers: { 'X-API-Key': API_KEY },
})
if (!response.ok) throw new Error(`API error: ${response.status}`)
return response.json()
}
async function getVaultItemDetail(vaultId: string, itemId: string) {
const response = await fetch(`${BASE_URL}/vault/${vaultId}/items/${itemId}`, {
headers: { 'X-API-Key': API_KEY },
})
if (!response.ok) throw new Error(`API error: ${response.status}`)
return response.json()
}
// Usage
const projects = await listProjects()
console.log(projects)If you need help with the API: