API docs by Redocly

5centsCDN API (2.0.0)

Download OpenAPI specification:Download

License: Apache 2.0

Introduction

The 5centsCDN API offers access to CDN services management, enabling you to automate actions and integrate CDN functionalities into your own applications. This documentation covers general guidelines, including authentication, rate limiting, and error handling.

Base URL: https://api.5centscdn.com/v2

Authentication

The API requires authentication via an API key passed in the request headers. This key acts as a unique identifier, linking your account to the API requests made on your behalf.

API Key Authentication

Each request to the API must include the API key in the header, using the key X-API-KEY. Without this, requests will be rejected with a 401 Unauthorized status.

Example header:

X-API-KEY: YOUR_API_KEY
  • How to obtain your API key: API keys can be generated from your 5centsCDN account control panel. Please follow secure procedures to store and manage this key.
  • Keep your API key secure: Treat the API key as sensitive information. Avoid sharing or exposing it in public repositories or logs. Consider using environment variables to manage and inject it securely within your application.
  • Revoking or regenerating keys: You may regenerate or revoke your API key at any time in case of potential security breaches or when access needs to be restricted.

Rate Limiting and Throttling

  • Rate Limit: The API enforces a rate limit of 5 requests per second. Exceeding this rate results in a 429 Too Many Requests response.
  • Throttling Specific Endpoints: Throttling may apply to endpoints with higher sensitivity, like login and user management, to prevent abuse and brute-force attacks.
  • Best Practices for Rate Limits:
    • Implement retries with exponential backoff to handle rate limits gracefully.
    • Avoid making unnecessary API calls by caching frequent responses where possible.

HTTP Status Codes

The API uses standard HTTP status codes for clear communication. Here are some key codes and their meanings:

  • 200 OK: Request succeeded.
  • 201 Created: Resource created successfully.
  • 400 Bad Request: Missing or invalid parameters.
  • 401 Unauthorized: API key missing, invalid, or expired.
  • 403 Forbidden: Insufficient permissions for the requested operation.
  • 404 Not Found: Resource not found.
  • 429 Too Many Requests: Rate limit exceeded.
  • 500 Internal Server Error: Server encountered an error processing the request.

Security Best Practices

  • Use HTTPS: Ensure all API requests are made over HTTPS to encrypt data in transit.
  • API Key Rotation: Periodically rotate your API keys and update your applications to reduce the risk of compromise.
  • Monitor Usage: Regularly monitor API usage to detect any unusual patterns or unauthorized access.
  • Limit API Key Scope: If available, generate multiple API keys with limited permissions or scopes for specific purposes within your application.

Authentication

Information on authenticating and securing API requests.