Switchflag
API

API Overview

REST API reference for the Switchflag flag evaluation API. All endpoints require a valid API key.

The Switchflag REST API provides read-only access to flag configurations and evaluation data. The SDK uses this API internally, but you can also call it directly for custom integrations.

Base URL

https://api.switchflag.dev

All endpoints are served over HTTPS.

Authentication

Every request must include a valid API key in the Authorization header:

Authorization: Bearer sf_production_...

API keys are scoped to a specific environment. A production key only returns flags configured for the production environment.

See Authentication for details.

CORS

The API allows cross-origin requests from any origin:

HeaderValue
Access-Control-Allow-Origin*
Access-Control-Allow-MethodsGET, OPTIONS
Access-Control-Allow-HeadersAuthorization, Content-Type
Access-Control-Max-Age86400

All endpoints support OPTIONS preflight requests.

Rate limiting

Requests are rate-limited to 100 requests per minute per API key. Rate limit headers are included in every response.

See Rate Limiting for details.

Endpoints

MethodPathDescription
GET/v1/flagsList all flags for the environment
GET/v1/flags/{key}Get a single flag by key

TypeScript Types

All exported TypeScript types from the Switchflag SDK.

Authentication

API key format, Bearer token scheme, and how authentication works for the Switchflag API.

On this page

Base URLAuthenticationCORSRate limitingEndpoints