Skip to main content
All /v1/* API requests require an API key passed in the Authorization header: 
POST /v1/patients HTTP/1.1
Host: cds.marmar.life
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json

Getting Your API Key

API keys are managed through the Tenant Dashboard:
  1. Sign in to the dashboard using your email (magic link authentication)
  2. Navigate to Settings → API Keys
  3. Click Create New Key and give it a descriptive name
  4. Copy and store the key securely — it’s only shown once

Key Management Best Practices

  • Store securely: Use a secrets manager like HashiCorp Vault or AWS Secrets Manager
  • Rotate regularly: Create new keys periodically and revoke old ones
  • Use descriptive names: Label keys by environment (e.g., “Production API”, “Staging”)
  • Revoke compromised keys: If a key is exposed, delete it immediately from the dashboard

Using the SDK

The SDK automatically handles authentication when configured with your API key: 
import { createMarmarClient } from '@marmarteam/sdk';

const client = createMarmarClient({
  baseUrl: 'https://cds.marmar.life/v1',
  apiKey: process.env.MARMAR_API_KEY,
});

// Make authenticated requests
const patients = await client.listPatients();

Rate Limits

API keys are subject to rate limiting (100 requests per minute by default). If you exceed the limit, you’ll receive a 429 Too Many Requests response.