Authentication

You'll need to authenticate your requests to access any of the Countertop Studio data. In this guide, we'll look at how authentication works.

Countertop Studio is currently in the alpha phase. To get access to the API, Webhook system and n8n integration, please reach out to our support team. In the beta phase, you'll be able to create and manage secrets and permissions directly in your account.

Secret & Department

Each integration has its own secret, which you need to either via API or save it in your n8n integration.

The secret is expected in the API Header on every request, as well as the department ID. You can find both of these values in the Countertop Studio Integration Settings.

Example API request with required headers

curl -X POST https://studio.countertop.app/api/v1/... \
  -H "X-Api-Key: {your-secret}" \
  -H "X-Department-Id: {department-id}" \
  -H "Content-Type: application/json" \
  -d '{
    // Your request body here
  }'

Let's assume your secret is abc123 and your department ID is dept456. Your cURL command would look like this:

Example API request with actual values

curl -X POST https://studio.countertop.app/api/v1/... \
  -H "X-Api-Key: abc123" \
  -H "X-Department-Id: dept456" \
  -H "Content-Type: application/json" \
  -d '{
    // Your request body here
  }''

Always keep your integration secret safe and reset it if you suspect it has been compromised. Never commit your secret to GitHub or expose it in client-side code.

Rate limits

All API requests are subject to rate limits. If you exceed the rate limit, you'll receive a 429 Too Many Requests response. The response will include a Retry-After header indicating how long you should wait before making another request.

n8n Addon

If you use our official n8n Addon, you won't have to worry about any of the above — create your secret in the Countertop Studio Integration Settings and define it in your n8n integration, and the addon will take care of the rest.

Check out our official n8n Addon