Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.campground.fyi/llms.txt

Use this file to discover all available pages before exploring further.

Every request to the Campground API must be authenticated using an API key. You pass the key as a bearer token in the Authorization header. Requests without a valid key are rejected with a 401 response.

Getting an API key

API keys are managed by organization admins. Go to Settings > API Keys in your Campground dashboard to create a key. See Managing API keys for step-by-step instructions.
Copy your API key immediately after creation — Campground only displays the full key once. If you lose it, revoke the key and create a new one.

Sending the API key

Include your API key in the Authorization header of every request: 
Authorization: Bearer {your_api_key}

Example request

curl https://api.campground.fyi/public/v1/profiles.list \
  -H "Authorization: Bearer cg_live_xxxxxxxxxxxxxxxxxxxx"

API key scopes

Each API key is created with a set of scopes that control which resources it can access. Requests that require a scope not granted to the key receive a 403 response.
ScopeAccess granted
read:profilesRead profile data (list and detail endpoints)
write:profilesCreate and update profiles and profile field values
read:teamsRead team data (list and detail endpoints)
read:applicationsRead application data

Error responses

401 Unauthorized

Returned when the Authorization header is missing or the API key is invalid, expired, or revoked. 
{
  "error": "Unauthorized",
  "message": "Invalid or missing API key"
}
How to fix: Verify you are sending the key in the Authorization: Bearer {your_api_key} format and that the key has not been revoked.

403 Forbidden

Returned when the API key is valid but does not have the required scope for the requested operation. 
{
  "error": "Forbidden",
  "message": "API key does not have the required scope"
}
How to fix: Check the required scope for the endpoint you are calling and ensure your API key was created with that scope.
Keep your API key secret. Do not commit it to source control or expose it in client-side code. Treat it like a password.