Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.coverbase.com/llms.txt

Use this file to discover all available pages before exploring further.

The Coverbase API uses bearer token authentication. Every request must include your API key in the Authorization header.
API keys grant significant access to your TPRM data. Never share them in public repositories, client-side code, screenshots, or support tickets. Treat them like passwords.

Request an API key

API keys are provisioned by Coverbase admins in your organization. Contact your admin or your Coverbase account manager to request one.

Base URL

https://api.coverbase.app

Authorization header

Include your key as a bearer token in every request: 
Authorization: Bearer <api-key>

Test your connection

Use the /v1/utils/authtest endpoint to verify three things at once: your key is valid, you can reach Coverbase’s servers, and your firewall or proxy allows outbound HTTPS traffic. 
curl -H "Authorization: Bearer <api-key>" \
     -H "Content-Type: application/json" \
     https://api.coverbase.app/v1/utils/authtest
A successful request returns 200 OK: 
{ "msg": "Auth successful" }

Common errors

Your API key is missing, malformed, or invalid. Confirm that the Authorization header is present and that the key has not been rotated or revoked.
Your API key is valid but lacks permission for the resource you’re accessing. The Coverbase API enforces the same role and scope rules as the dashboard. Ask your admin to confirm your key’s permissions.
Check your VPN, proxy, and firewall rules. Coverbase requires outbound HTTPS access to api.coverbase.app.
Unauthenticated requests are rejected. There is no public unauthenticated surface area on the API.