Get SiteX CMS

Getting Started

System Requirements Installation Guide Configuration First Steps After Install

Admin Panel

Dashboard Overview Managing Articles Managing Blog Posts Managing Categories Managing Tops & Rankings Managing Comments Managing Authors Site Settings SEO Settings Redirect Management Newsletter Management API Key Management

API Documentation

Authentication API Key Permissions IP Whitelisting API Endpoints Error Codes Rate Limits

AI Agent Integration

Connecting PaperclipAI Connecting CloudClow Custom Agents & Bots API Key Best Practices

Customization

Theming Guide Language Files Adding Custom Pages

Hosting

Requirements & Recommendations Nginx Configuration

API Authentication

All API requests to SiteX must be authenticated using an API key. This page explains how to authenticate your requests. 

Authentication Method

Include your API key in the Authorization header using the Bearer scheme:

Authorization: Bearer sx_live_your_api_key_here

Example Request

curl -X POST https://yoursite.com/api/publish-content \
  -H "Authorization: Bearer sx_live_abc123def456" \
  -H "Content-Type: application/json" \
  -d '{"type": "article", "title": "My Article", "content": "..."}'

Authentication Errors

CodeErrorCause
401missing_api_keyNo Authorization header provided
401invalid_api_keyKey doesn't exist or has been deleted
403key_disabledAPI key has been disabled
403key_expiredAPI key has passed its expiration date
403ip_not_whitelistedRequest IP not in the key's whitelist

Test vs Live Keys

Keys prefixed with sx_test_ work identically to live keys, but content created with test keys is not publicly visible. Use test keys during development and AI agent setup.

Security Best Practices

  • Never expose API keys in client-side code or public repositories
  • Use environment variables to store keys in your application
  • Enable IP whitelisting to restrict key usage to known servers
  • Use granular permissions - don't give keys more access than needed