Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.scaleo.io/llms.txt

Use this file to discover all available pages before exploring further.

All Brand API requests are authenticated with an API key passed as the api-key query parameter: 
GET https://your-domain.scaleo.io/api/v2/affiliate/profile?api-key=YOUR_KEY
The user account that owns the key must have api_status enabled.

Role scoping

Each API key is bound to a specific user role and cannot call endpoints outside that role:
RoleEndpoint prefix
Manager/api/v2/network/...
Affiliate/api/v2/affiliate/...
Calling an endpoint with the wrong role’s key returns 403 Forbidden.

Where to find your key

  • Affiliate — dashboard → Profile → API.
  • Manager — admin panel → Users → Managers → → API.
Keys can be regenerated at any time. Regeneration invalidates the previous key immediately.

Security best practices

API keys are sent as a URL query parameter. Do not log full request URLs in environments where logs may be captured or stored.
  • Use HTTPS only — HTTP does not protect the key in transit.
  • If a key is leaked, rotate it from the dashboard immediately.
  • For server-to-server integrations, store keys in a secrets manager rather than in source control.