API Reference
Manage Rover site keys programmatically via the rtrvr.ai Cloud Functions API.
All endpoints require a Firebase ID token. In the Workspace UI these calls are handled automatically.
POST
/generateRoverSiteKeyCreate a new site-scoped API key tied to specific domains.
Auth: Firebase ID token (Bearer)
Request Body
| Field | Type | Description |
|---|---|---|
label* | string | Human-readable label for this key (e.g. 'Production'). |
allowedDomains* | string[] | Hostnames where this key is allowed. Supports wildcards. |
ttlDays | number | Days until auto-expiry. 0 for no expiry. Default: 90. |
environment | 'production' | 'development' | 'test' | Label for the deployment environment. |
capabilities | { roverEmbed?: boolean; externalWebContextScrape?: boolean; cloudAgent?: boolean; cloudScrape?: boolean } | Optional capability overrides for the generated key. |
roverPolicy | { domainScopeMode?: 'registrable_domain' | 'host_only'; externalNavigationPolicy?: 'open_new_tab_notice' | 'block' | 'allow'; agentName?: string; mascotDisabled?: boolean; mascotMp4Url?: string; mascotWebmUrl?: string; enableExternalWebContext?: boolean; externalScrapeMode?: 'off' | 'on_demand'; externalAllowDomains?: string[]; externalDenyDomains?: string[] } | Optional Rover runtime policy persisted with this key and returned by list/rotate APIs. |
Response
{
"data": {
"apiKey": "rtrvr_abc123...",
"keyId": "key-uuid-here",
"allowedDomains": ["example.com"],
"capabilities": { "roverEmbed": true },
"roverPolicy": { "domainScopeMode": "registrable_domain" }
}
}POST
/listRoverSiteKeysRetrieve all Rover site keys for the authenticated user.
Auth: Firebase ID token (Bearer)
Response
{
"data": [
{
"id": "key-uuid",
"label": "Production",
"prefix": "rtrvr_abc",
"suffix": "xyz",
"active": true,
"allowedDomains": ["example.com"],
"capabilities": {
"roverEmbed": true,
"externalWebContextScrape": true,
"cloudAgent": true,
"cloudScrape": true
},
"roverPolicy": {
"domainScopeMode": "registrable_domain",
"externalNavigationPolicy": "open_new_tab_notice",
"enableExternalWebContext": true,
"externalScrapeMode": "on_demand"
},
"lastUsed": "2025-02-10T12:00:00Z",
"blockedHostAttempts": 0
}
]
}POST
/updateRoverSiteKeyPolicyUpdate domain restrictions or toggle active status for an existing key.
Auth: Firebase ID token (Bearer)
Request Body
| Field | Type | Description |
|---|---|---|
keyId* | string | The key ID to update. |
allowedDomains | string[] | New set of allowed domains. Replaces the current list. |
active | boolean | Enable or disable the key. |
capabilities | { roverEmbed?: boolean; externalWebContextScrape?: boolean; cloudAgent?: boolean; cloudScrape?: boolean } | Optional capability patch for this site key. |
roverPolicy | { ...same shape as above... } | Optional Rover policy patch. Only provided fields are updated. |
POST
/rotateRoverSiteKeyInvalidate the current key and generate a new one with the same configuration.
Auth: Firebase ID token (Bearer)
Request Body
| Field | Type | Description |
|---|---|---|
keyId* | string | The key to rotate. |
label | string | Optional new label for the rotated key. |
capabilities | { roverEmbed?: boolean; externalWebContextScrape?: boolean; cloudAgent?: boolean; cloudScrape?: boolean } | Optional capability patch to apply on the rotated key. |
roverPolicy | { ...same shape as above... } | Optional Rover policy patch to apply on rotate. |
Response
{
"data": {
"apiKey": "rtrvr_new_key...",
"keyId": "new-key-uuid",
"allowedDomains": ["example.com"],
"capabilities": { "roverEmbed": true },
"roverPolicy": { "domainScopeMode": "registrable_domain" }
}
}POST
/updateApiKeyCapabilitiesUpdate capability flags for any API key (user or site key).
Auth: Firebase ID token (Bearer)
Request Body
| Field | Type | Description |
|---|---|---|
keyId* | string | The key ID to update. |
capabilities* | { roverEmbed?: boolean; externalWebContextScrape?: boolean; cloudAgent?: boolean; cloudScrape?: boolean } | Boolean capability patch fields. |