SDK ingestion
SDK ingestion endpoints under/api/v1/* use your organization ID in the x-org-id header. The org ID is also passed as org_id or write_key in SDKs.
The org ID is a public routing identifier. It does not grant dashboard read access by itself.
Dashboard and API access
Dashboard API endpoints use one of these:| Method | Headers | Use case |
|---|---|---|
| JWT | Authorization: Bearer <jwt> and x-org-id | Browser/dashboard access after login |
| API key | x-api-key and optional x-org-id | Programmatic dashboard/API access |
agnost_<64-hex> format and are issued from Settings -> API Keys.
Common mistakes
- Sending
x-org-idwithout a JWT or API key to dashboard endpoints. - Using the wrong org ID when a user belongs to multiple organizations.
- Forgetting the
X-Agnost-Org-IDheader on OpenTelemetry exporters. - Treating the org ID as a secret. Rotate API keys if they leak; org IDs are routing identifiers.
