Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.median.sh/llms.txt

Use this file to discover all available pages before exploring further.

The Median API uses the same workspace API keys as the CLI. Generate one in the dashboard under Settings → API Keys. Send the key in the Authorization header: 
curl -X POST https://api.median.sh/api/feedback \
  -H "Authorization: Bearer <YOUR_WORKSPACE_API_KEY>" \
  -H "Content-Type: application/json" \
  -d '{"content":"The export button does nothing on Safari."}'

Body field (fallback)

If you cannot set custom headers (for example, from a static embed), include the key in the request body as apiKey: 
{
  "apiKey": "<YOUR_WORKSPACE_API_KEY>",
  "content": "The export button does nothing on Safari."
}
The header is preferred when both are present.

Security

  • Treat API keys like passwords. Anyone with a key can submit feedback against your workspace and consume billable events.
  • Rotate keys by creating a new one and revoking the old one in the dashboard. Revocation is immediate.
  • Avoid embedding keys in unauthenticated client-side code where they can be scraped. Prefer a thin server-side proxy that holds the key.
  • Each key is scoped to a single workspace and inherits the workspace’s plan limits.