Authentication
All API requests must include a valid authentication credential. AsyncQueue supports two authentication methods.
API keys
Section titled “API keys”API keys are the recommended way to authenticate programmatic access. Include the key in the Authorization header:
curl https://api.asyncqueue.io/v1/tasks \ -H "Authorization: Bearer aq_live_abc123..."Key prefixes
Section titled “Key prefixes”| Prefix | Environment |
|---|---|
aq_live_ | Production |
aq_test_ | Sandbox (tasks are accepted but not executed) |
Managing keys
Section titled “Managing keys”You can create, list, and revoke API keys through the dashboard or the API:
# List keyscurl https://api.asyncqueue.io/v1/apikeys \ -H "Authorization: Bearer YOUR_API_KEY"
# Create a new keycurl -X POST https://api.asyncqueue.io/v1/apikeys \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{"name": "production-worker"}'
# Revoke a keycurl -X DELETE https://api.asyncqueue.io/v1/apikeys/key_id \ -H "Authorization: Bearer YOUR_API_KEY"JWT tokens
Section titled “JWT tokens”JWT tokens are used for browser-based dashboard sessions. They are issued through the magic link login flow and expire after 24 hours.
The JWT is included as a Bearer token in the same way as API keys:
Authorization: Bearer eyJhbGciOiJIUzI1NiIs...Rate limits
Section titled “Rate limits”All authenticated requests are subject to rate limits based on your plan:
| Plan | Requests per minute |
|---|---|
| Free | 60 |
| Pro | 600 |
| Enterprise | Custom |
Rate-limited responses return 429 Too Many Requests with a Retry-After header.