API
Authentication and Health
Authenticate correctly, check the right health endpoint, and discover each API concern safely.
If you only learn one defensive habit in Quilt, make it this one:
Check health before you mutate things.
That single habit prevents a lot of wasted debugging.
Authentication
Most protected routes accept one of these headers:
X-Api-Key: <key>
Authorization: Bearer <token>Default base URL:
https://backend.quilt.shExample with an API key
curl \
-H "X-Api-Key: $QUILT_API_KEY" \
https://backend.quilt.sh/api/system/infoExample with a bearer token
curl \
-H "Authorization: Bearer $QUILT_TOKEN" \
https://backend.quilt.sh/api/system/infoHealth Checks: What Each One Means
Quilt uses different health endpoints for different questions.
| Question | Route to use | What it tells you |
|---|---|---|
| ”Is the backend alive at all?” | GET /health | Liveness only |
| ”Is container work ready?” | GET /api/containers/health | Container concern readiness |
| ”Can functions run?” | GET /api/functions/health | Function concern readiness |
| ”Is elasticity healthy?” | GET /api/elasticity/health | Elasticity concern readiness |
Why /health Is Not Enough
GET /health is a front-door heartbeat. It does not prove that a specific subsystem is ready for your next action.
Analogy:
/healthanswers “is the building open?”/api/containers/healthanswers “is the kitchen staffed and ready to cook?”
Both matter, but they are not the same question.
Concern Guides
Most major API families expose:
GET /api/<concern>/help
GET /api/<concern>/examples
GET /api/<concern>/healthYou can also request Markdown by adding ?format=markdown or sending Accept: text/markdown.
Example
curl \
-H "X-Api-Key: $QUILT_API_KEY" \
-H "Accept: text/markdown" \
https://backend.quilt.sh/api/oci/helpSafe Startup Checklist
Check platform liveness
Check concern health
If you are about to work with containers, use:
Inspect help or examples if the route family is unfamiliar
Only then perform the mutation
This keeps troubleshooting grounded in real platform state instead of guesswork.
Common Mistakes
I checked `/health`, so why did my container call still fail?
I checked `/health`, so why did my container call still fail?
Because /health only proves the backend is alive. It does not guarantee container readiness, available capacity, or a healthy runtime worker.
Can I use concern guides for OCI too?
Can I use concern guides for OCI too?
Yes. OCI is covered by the oci concern, including GET /api/oci/help, GET /api/oci/examples, and GET /api/oci/health.
Should I retry mutations blindly when something fails?
Should I retry mutations blindly when something fails?
No. First confirm health, then inspect the returned operation or error. Blind retries can create duplicate work or hide the real problem.
Minimal Working Check
curl https://backend.quilt.sh/health
curl \
-H "X-Api-Key: $QUILT_API_KEY" \
https://backend.quilt.sh/api/system/info
curl \
-H "X-Api-Key: $QUILT_API_KEY" \
https://backend.quilt.sh/api/containers/healthNext Step
Once auth and health are working, move to Containers.