InspectionVoice

Authentication

All requests to the InspectionVoice Public API are authenticated with bearer API keys.

Key format

Secret keys start with iv_sk_, followed by 43 URL-safe characters. They identify your firm (organization) and carry a specific set of scopes.

Sending the key

Authorization: Bearer iv_sk_XXXX

Scopes

Each key is granted a subset of the scopes below. Requests without the required scope return 403.

  • read:projects, write:projects, delete:projects
  • read:inspections, write:inspections
  • read:observations, write:observations
  • read:reports
  • read:users, write:users
  • read:analytics
  • admin:webhooks

Rate limits

Each key has a per-minute (default 60) and per-day (default 10,000) budget. Responses include X-RateLimit-Remaining-Minute and X-RateLimit-Remaining-Day. Exceeding either returns 429 Rate limit exceeded with a retry_after_sec.

Rotating keys

Issue a new key, update your consumers, then revoke the old key under Admin Settings → API keys. Revoked keys immediately return 401.