Authentication
The Crane Ledger API uses API keys to authenticate requests. All API requests require a valid API key in the Authorization header. API keys are organization-scoped and include configurable permissions.
Base URL
https://api.craneledger.ai
All API requests must be made over HTTPS. Calls made over plain HTTP will fail.
API Keys
Your API keys carry many privileges, so be sure to keep them secure. Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.
All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.
Key Types
| Key Type | Prefix | Use Case |
|---|---|---|
| Live | cl_live_ | Production environment |
| Test | cl_test_ | Development and testing |
Key Management
You can create, manage, and rotate API keys through the API or Dashboard. Each key includes:
- Organization scoping: Keys only access data within their organization
- Granular permissions: Control what resources and operations each key can access
- Usage tracking: Monitor API calls and credit consumption
- Expiration dates: Optional automatic key expiration
- Rotation support: Secure key replacement without service interruption
For detailed information about API key management, see the API Keys documentation.
Making Authenticated Requests
Include your API key in the Authorization header with the Bearer prefix:
Organization Context
Crane Ledger is a multi-tenant platform where all resources belong to an organization. The organization ID is included in the URL path for all API endpoints:
https://api.craneledger.ai/organizations/{organization_id}/...
Organization IDs always start with org_ and are included in your API key's scope. You can find your organization ID in the Dashboard or through the API.
Error Responses
If authentication fails, you'll receive a 401 Unauthorized response:
{
"error": {
"type": "authentication_error",
"code": "invalid_api_key",
"message": "The provided API key is invalid or expired",
"status": 401
}
}
Common authentication errors:
invalid_api_key: The API key is malformed or doesn't existexpired_api_key: The API key has reached its expiration dateinsufficient_permissions: The API key lacks permission for the requested operationorganization_not_found: The organization ID in the URL doesn't exist or isn't accessible
Rate Limiting and Credits
Crane Ledger uses a credit-based pricing system where each API call consumes credits. Your API key's usage is tracked in real-time.
Credit Costs
| Operation Type | Credits | Description |
|---|---|---|
| Read operations | 0.01 | GET requests for data retrieval |
| Write operations | 0.03-0.15 | POST/PUT/DELETE operations |
| Complex operations | 0.08-0.25 | PDF generation, currency conversion |
| Reports | 0.10-0.15 | Financial report generation |
Rate Limits
- Per API Key: 1000 requests per hour
- Per Organization: 10000 requests per hour
- Burst Limit: 100 requests per minute
When you exceed rate limits, you'll receive a 429 Too Many Requests response:
{
"error": {
"type": "rate_limit_error",
"code": "rate_limit_exceeded",
"message": "API rate limit exceeded. Try again later.",
"retry_after": 60,
"status": 429
}
}
Credit Monitoring
Monitor your API key usage through the Dashboard or API. Credits reset monthly and unused credits don't roll over.
Need help?
Create a free account to access our support portal. Once signed in, use the Support tab in your dashboard to submit a support ticket — our team typically responds within 24 hours.
- ✨ For LLMs/AI assistants: Read our structured API reference