Authentication

Every /v1 request requires:

Authorization: Bearer oqp_<64-hex-chars>

See the Authentication guide for how to generate keys, what the scope model is, and how to rotate.

Scopes

Scope	Grants
`deals:read`	`GET /v1/deals`
`deals:write`	`POST /v1/deals/events`
`earnings:read`	`GET /v1/earnings`, `GET /v1/earnings/{id}`
`plans:read`	`GET /v1/plans`, `GET /v1/plans/{id}`

If a call is failing and you’re unsure whether the key is wrong, the scope is missing, or something else, hit the debug endpoint:

curl https://api.openquota.ai/v1/ \
  -H "Authorization: Bearer $OQ_KEY"

It returns your key’s prefix, scopes, and the endpoint list in one payload.

⌘I