Skip to main content
The Wardin REST API lets you manage keys, budgets, policies, and pull analytics data programmatically. It’s the same API the Wardin dashboard uses internally.

Base URL

https://api.wardin.ai/v1

Authentication

All API requests require a wardin_sk_ key in the Authorization header:
Authorization: Bearer wardin_sk_YOUR_KEY
The key must belong to a user with manager-level access to perform write operations. Read operations (analytics, key listing) work with any valid key. See Authentication for details.

Versioning

The API is versioned in the URL path (/api/v1/). Breaking changes (field removal, type change) require a new version with a 6-month deprecation window on the previous version. Adding optional fields is non-breaking and does not require a new version.

Response format

All responses are JSON. Success responses return the resource directly (no wrapper envelope):
{
  "id": "key_01j...",
  "name": "alice-dev",
  "monthlyBudgetUsd": 100,
  "currentSpendUsd": 42.17,
  "createdAt": "2025-01-15T10:00:00Z"
}
List responses use cursor pagination:
{
  "data": [...],
  "nextCursor": "cursor_01j...",
  "hasMore": true
}
Pass ?cursor=cursor_01j... to fetch the next page. Default page size is 50.

Error format

All errors use the same structured shape:
{
  "error": {
    "type": "budget_exceeded",
    "message": "Monthly budget of $50.00 has been reached.",
    "code": 429
  }
}
HTTP statustypeMeaning
400validation_errorInvalid request body
401unauthorizedMissing or invalid API key
403forbiddenKey lacks permission for this operation
403policy_violationRequest blocked by a policy
404not_foundResource does not exist
429budget_exceededMonthly budget reached
429rate_limit_exceededRPM or TPM limit reached
500internal_errorUnexpected server error

Interactive docs

The full interactive API reference (powered by Swagger UI) is available at:
https://api.wardin.ai/docs
Machine-readable OpenAPI JSON:
https://api.wardin.ai/docs-json

Rate limits on the API itself

Management API calls (not gateway proxy calls) are limited to 120 requests per minute per key. This limit is separate from the gateway proxy rate limits configured on keys.