Charter Boats API

Authentication

Learn how to authenticate with the Charter Boats API

API Key Authentication

The Charter Boats API uses API keys to authenticate requests. Include your API key in the X-API-Key header with every request.

curl https://charter.boats/api/import/boat \
  -H "X-API-Key: cb_live_abc123..."

Getting an API Key

Boat owners can generate their own API key directly from the dashboard:

  1. Log in to charter.boats
  2. Go to Dashboard → Settings → API Access
  3. Click Generate API Key
  4. Copy and save your key (it's only shown once)

Your API key will look like: cb_live_ followed by 32 characters.

API keys are only available for boat owners. List at least one boat to get access.

Regenerating Your Key

If your key is compromised, you can regenerate it from the same settings page. This will immediately invalidate your old key.

Security Best Practices

Never expose your API key in client-side code, public repositories, or anywhere it could be accessed by unauthorized parties.

Recommendations

DoDon't
Store API keys in environment variablesCommit API keys to version control
Use server-side code to make API callsInclude keys in client-side JavaScript
Rotate keys periodicallyShare keys across different applications
Use different keys for dev and production

Rate Limits

EndpointRate Limit
Boat Import100 requests/hour
Boat List1000 requests/hour
Calendar ExportUnlimited

If you need higher limits, contact us at api@charter.boats.

Error Responses

401 Unauthorized

Missing or invalid API key:

{
  "statusCode": 401,
  "message": "API key required. Include X-API-Key header."
}
{
  "statusCode": 401,
  "message": "Invalid API key"
}

429 Too Many Requests

Rate limit exceeded:

{
  "statusCode": 429,
  "message": "Rate limit exceeded. Please retry after 60 seconds."
}

Previous

Quick Start

Next

API Reference

On this page