WorkFlows uses API keys with Bearer token authentication. API access is available on Business and Enterprise plans.
wf_live_Include your API key in the Authorization header as a Bearer token:
curl https://www.workflows.com.es/api/v1/projects \
-H "Authorization: Bearer wf_live_your_key_here"const res = await fetch("https://www.workflows.com.es/api/v1/projects", {
headers: {
"Authorization": "Bearer wf_live_your_key_here",
"Content-Type": "application/json",
},
});
const data = await res.json();import requests
res = requests.get(
"https://www.workflows.com.es/api/v1/projects",
headers={"Authorization": "Bearer wf_live_your_key_here"},
)
data = res.json()Rate limits are enforced per organization in 1-minute sliding windows. Every response includes rate-limit headers:
| Plan | Limit |
|---|---|
| Free | No API access |
| Starter | No API access |
| Pro | No API access |
| Team | No API access |
| Business | 120 req/min |
| Enterprise | 600 req/min |
| Header | Description |
|---|---|
| X-RateLimit-Limit | Max requests per minute for your plan |
| X-RateLimit-Remaining | Requests remaining in current window |
| X-RateLimit-Reset | Unix timestamp when the window resets |
| Retry-After | Seconds until you can retry (only on 429) |
All error responses follow a consistent format:
{
"error": "Human-readable error message",
"code": "MACHINE_READABLE_CODE"
}| Status | Code | Description |
|---|---|---|
| 400 | BAD_REQUEST | Malformed request body or invalid parameters |
| 401 | UNAUTHORIZED | Missing or invalid API key |
| 403 | PLAN_UPGRADE_REQUIRED | API access not available on your plan |
| 404 | NOT_FOUND | Resource not found |
| 429 | RATE_LIMITED | Too many requests — check Retry-After header |
| 500 | INTERNAL_ERROR | Server error — retry with exponential backoff |