FieldCampAuthentication | FieldCamp API
Authenticate FieldCamp API requests with a JWT bearer token.
FieldCamp uses a long-lived JWT as your API key. Every authenticated request carries that JWT in the HTTP headers.
Get an API key
API keys are issued by FieldCamp support today. Self-serve key management is on the roadmap.
- Email support@fieldcamp.ai from an address at your company's domain.
- Mention that you're integrating with the FieldCamp API and include your company name.
- You'll receive a JWT string. Store it in a secrets manager; do not commit it to source control.
Your JWT encodes your tenant (companyId and branchId) — there's no
per-key scoping to set up. One key grants read/write access to everything
under your tenant.
Treat your API key like a password. Anyone with it can create, update, or cancel jobs on your behalf. Never expose it in client-side code (browser, mobile app) — always keep API calls behind your own backend.
Authenticate your requests
Send your JWT in both X-API-Key and Authorization: Bearer headers.
cURL
curl https://api.fieldcamp.ai/api/company-info \
-H "X-API-Key: $FIELDCAMP_API_KEY" \
-H "Authorization: Bearer $FIELDCAMP_API_KEY"Node.js (axios)
import axios from 'axios';
const fc = axios.create({
baseURL: 'https://api.fieldcamp.ai',
headers: {
'X-API-Key': process.env.FIELDCAMP_API_KEY,
'Authorization': `Bearer ${process.env.FIELDCAMP_API_KEY}`,
'Content-Type': 'application/json',
},
timeout: 30_000,
});
const { data } = await fc.get('/api/company-info');
console.log(data);Python (requests)
import os, requests
key = os.environ["FIELDCAMP_API_KEY"]
r = requests.get(
"https://api.fieldcamp.ai/api/company-info",
headers={
"X-API-Key": key,
"Authorization": f"Bearer {key}",
},
timeout=30,
)
r.raise_for_status()
print(r.json())Confirm your setup
Call GET /api/company-info — a read-only endpoint that returns your
tenant's top-level settings:
curl https://api.fieldcamp.ai/api/company-info \
-H "X-API-Key: $FIELDCAMP_API_KEY" \
-H "Authorization: Bearer $FIELDCAMP_API_KEY"Expected: a 200 response with { "success": true, "data": { "company": { ... } } }.
If you see 401, re-check that the header value contains your full JWT
(no whitespace, no quotes, no prefix other than Bearer).
Rotation and revocation
Contact support@fieldcamp.ai to rotate or revoke a key. Include the last 8 characters of the JWT for identification. We recommend rotating keys at least annually and immediately upon suspected exposure.
Headers reference
| Header | Value | Required |
|---|---|---|
X-API-Key | <your JWT> | Yes |
Authorization | Bearer <your JWT> | Yes |
Content-Type | application/json | Yes for JSON endpoints |
Content-Type | multipart/form-data; boundary=... | Yes for POST /api/jobs |