Skip to content

API Overview

For most clients, authentication is performed by session cookie. Logging in to the platform sets a client's c3d_session_v5 cookie to their new session ID. The value of this cookie is used to authenticate subsequent requests.

Authentication By Domain API Key

For clients authenticating with a Domain API Key, use the Authorization header.


For clients authenticating with a session cookie, a csrf token must be sent with any request that is not a GET request.

Authentication Overview

Header Name Header Value
Authorization APIKEY:DOMAIN <api key goes here>
c3d-csrf <csrf token goes here>
Cookie Name Cookie Value
c3d_session_v5 <session ID>

Content Types

Most requests accept only JSON or do not expect a request body at all. The expected JSON request formats are documented where possible. Endpoints that upload raw files instead expect raw binary data and a content type that accurately reflects the file being uploaded. Similarly, endpoints that serve raw files will serve them with the content type they were uploaded with. All other routes return JSON or do not return with a response body.


Endpoint access is generally based on access to a given project, organization, or domain. Typical users that are not superadmins have roles on a per domain, per organization, per project basis. Most endpoints that require authorization require a capability in the same way: they require a capability on a domain, organization, or project.

All organizations belong to a single parent domain, and access to that domain provides access to that domain's organizations.

All projects belong to a single parent organization, and access to that organization provides access to that organization's projects.

Users cannot have capabilities on a scene or a scene version level, but both scenes and scene versions also exist in the same hierarchy. Any endpoint that operates on a scene or scene version expects the user to have access to that scene's parent project.

Entity Has User Roles
Domain Yes
Organization Yes
Project Yes
Scene No
Scene Version No

Additional API Documentation

For more comprehensive access to our API documentation and routes, please contact us.

intercom If you have a question or any feedback about our documentation please use the Intercom button (purple circle) in the lower right corner of any web page.