Authentication Overview

The Extend API uses Bearer token authentication for all API requests. You’ll need to use your API token when instantiating the client if you’re using the SDK or in the Authorization header of each request if you’re using the API directly.

Obtaining an API Token

  1. Navigate to the Extend Developer Settings
  2. Create a new API key or copy an existing one

Important: Keep your API tokens secure and never share them publicly. Rotate them regularly and immediately if they’re ever compromised.

API Key Scopes

API keys have a scope of either organization or workspace:

  • Workspace keys — Scoped to a single workspace and work for requests to that workspace.
  • Organization keys — These keys work across any workspace in the org. Must be used with the X-Extend-Workspace-Id header to specify the workspace. Only org admins can create keys with organization scope.

Example Usage

POST
/workflow_runs
1import { ExtendClient } from "extend-ai";
2
3async function main() {
4    const client = new ExtendClient({
5        token: "YOUR_TOKEN_HERE",
6        extendApiVersion: "2026-02-09",
7    });
8    await client.workflowRuns.create({
9        workflow: {
10            id: "wf_1234567890",
11        },
12        file: {
13            url: "https://example.com/invoice.pdf",
14        },
15    });
16}
17main();
Try it

Error Handling

If authentication fails, you’ll receive a 401 Unauthorized response. Common causes include:

  • Missing the Authorization header
  • Invalid token format
  • Expired or revoked token
  • Insufficient permissions for the requested resource