API Overview & Authentication
Base URL
All API requests are made against the following base URL. Append the endpoint path to the base URL for each request.
https://api.usbios.aiThe BiOS console is available at https://bios.us.com. The API gateway is a separate service that handles all programmatic access.
Authentication
The recommended authentication method is an API key passed via the X-API-Key header. Each API key is scoped to one workspace. The API resolves the organization and workspace automatically, so no extra headers are needed.
X-API-Key: sk_live_your_key_here
Content-Type: application/jsonAlternatively, JWT Bearer tokens are supported (used by the web console). JWT auth requires additional X-Org-ID and X-Workspace-ID headers.
Error Response Format
All error responses follow a consistent JSON structure:
{
"status": 400,
"error": "Bad Request",
"detail": "A human-readable description of what went wrong",
"code": "VALIDATION_ERROR"
}Rate Limits
The API enforces rate limits on a per-user basis. When you exceed the limit, you will receive a 429 Too Many Requests response with a Retry-After header indicating when you can retry.
Common Status Codes
| Code | Meaning |
|---|---|
| 200 | OK: request succeeded |
| 201 | Created: resource created successfully |
| 400 | Bad Request: invalid input or validation error |
| 401 | Unauthorized: missing or expired token |
| 403 | Forbidden: insufficient permissions |
| 404 | Not Found: resource does not exist |
| 422 | Validation Error: request body failed validation |
| 429 | Too Many Requests: rate limit exceeded |
| 500 | Internal Server Error: something went wrong on our end |
BiOS Documentation. Need help? Email help-bios@us.inc