Every Rendobar API request needs an API key in theDocumentation Index
Fetch the complete documentation index at: https://rendobar.com/docs/llms.txt
Use this file to discover all available pages before exploring further.
Authorization header:
rb_live_ (production) or rb_test_ (test mode). Get one from app.rendobar.com → Settings → API keys. Test-mode jobs run end to end but don’t consume credits.
Three credential types
| Type | Where to use it |
|---|---|
API key (rb_live_* / rb_test_*) | REST API, MCP, CLI in CI |
Session cookie (rb_session) | Dashboard browser sessions only — set automatically when you sign in |
| OAuth 2.1 token | MCP clients with native OAuth support, or the CLI’s rb login browser flow |
Use a key
Manage keys
Keys are scoped to an organization, not a user. Each key has a name. There’s no per-org limit on the number of keys.401 UNAUTHORIZED immediately.
Auth context
Every authenticated request resolves to:userId— the authenticated user (when via session or OAuth)orgId— the active organizationplan— current plan; controls rate limits, allowed job types, balance
OAuth for MCP
MCP clients that speak OAuth 2.1 natively can register dynamically and run a PKCE flow against Rendobar’s authorization server. Tokens are scoped to the user’s organization. See MCP overview for setup. API keys are simpler and recommended for non-interactive integrations.Errors
401. Other auth-adjacent errors live in Error codes.