Getting started
Base URL:https://core.ravenna.ai/api
Authentication: Include your API key in the x-ravenna-api-token header with every request.
Example request:
Authentication
Create an API key
- Navigate to Settings in your Ravenna workspace
- Select API Keys from the sidebar
- Click Create API Key
- Copy your key and store it securely
Use your API key
Include your API key in thex-ravenna-api-token header with every request:
Authenticate via query parameter
For environments where you cannot set custom HTTP headers, such as browser-based access, embedded links, or webhook receivers, pass your API key as theapiKey query parameter instead:
Monitor API key usage
The API Keys settings page shows a Last used timestamp for each key. Use this to:- Identify unused or stale keys that can be safely revoked
- Verify that integrations are actively using their assigned keys
Revoke an API key
To revoke an API key:- Go to Settings > API Keys
- Find the key you want to revoke
- Click the Revoke button
Finding resource IDs
Most write endpoints reference other resources by ID (for example,assigneeId, queueId, workspaceId, or a custom field ID). IDs are not shown in the web app. Look them up with the matching list endpoint, then reuse the id value in your next request.
Common lookups:
- Users (for
assigneeId,requesterId,approverIds): callGET /users. Narrow the result with thesearch,email, orworkspaceIdquery parameters, then copy theidfield from the user you want. - Workspaces (for
workspaceId): callGET /workspacesto list every workspace your API key can access. - Queues (for
queueId): callGET /queues, optionally filtered byworkspaceId. - Forms, statuses, tags, and custom fields: call the matching list endpoint (for example,
GET /forms,GET /statuses,GET /tags) and copy theidof the entry you need.
Making requests
Response format
All responses return JSON with aContent-Type: application/json header. The response body contains the resource data directly, without a top-level data wrapper.
Successful responses return the requested resource. The example below shows a queue response, but the fields differ by endpoint. For example, GET /queues/{id} returns queue fields (id, name, status, and so on), while GET /users/{id} returns user fields. Refer to the endpoint’s reference page for the full field list.
code is a stable machine-readable string you can branch on, and message is a human-readable description that may change:
Rate limits
The API enforces rate limits to ensure fair usage. If you exceed the limit, you’ll receive a
429 Too Many Requests response. Wait before retrying your request.Common error codes
Every error response uses the JSON envelope shown in Response format. The HTTP status maps to the following categories:400 Bad Request: Request body or query parameters are malformed or missing required fields401 Unauthorized: Invalid or missing API key403 Forbidden: Valid API key but insufficient permissions for the requested action404 Not Found: Resource does not exist or is not visible to your API key409 Conflict: Request conflicts with the current state of the resource (for example, a duplicate)422 Unprocessable Entity: Request is well-formed but fails validation429 Too Many Requests: Rate limit exceeded, wait before retrying500 Internal Server Error: Server error, contact support if persistent