Looking for the API reference? It’s here.

Authentication

The Palisade API uses API keys to authenticate requests. You can obtain your API key from your account manager.

Important: Your API keys grant broad access to your account, so keep them secure. Do not share your secret keys in public repositories, client-side code, or any other insecure locations.

All API requests must be made over HTTPS. Requests sent over plain HTTP will be rejected. Additionally, any request that does not include a valid API key will fail.

The API key is used as the username in a Basic HTTP authentication. You should leave the password empty.

Errors

Palisade uses standard HTTP response codes to show whether an API request was successful or not.

• Codes in the 2xx range mean the request was successful.

• Codes in the 4xx range mean there was an error with the request (for example, a missing parameter or a failed request).

• Codes in the 5xx range mean something went wrong on Palisade’s end.

Some 4xx errors, like a bad parameter, include an error code that helps explain what went wrong and can be handled in your code.

Versioning

Each major release in Palisade may include changes that aren’t backward-compatible, which means upgrading could require updates to your existing code. The current major version is 2025-04-30. There are currently no fixed release schedule but we commit to maintaining major releases for at least 1 year.

Before committing to a new version, we recommend using API versioning to test the changes safely.

You should explicitly provide your API version on every request, using the Palisade-Version header. Any request that does not include a valid API version will fail.

Pagination

All top-level API resources in Palisade support bulk fetching using “list” methods. For example, you can list domains, groups, or tasks. These list methods follow a consistent structure and accept at least two parameters: page, and per_page.

Every “list” method will return the current pagination state in the page_info field. This field also includes the total count of resources matching the provided filters.

Expanding Responses

Palisade lets you request extra details in API responses using the expand request parameter. This parameter works on all API requests and only affects the response for that specific request. You can use it in two main ways.

Many objects in Palisade return only the ID of related objects. For example, a domain might include a group ID. Using the expand parameter, you can ask Palisade to include the full group object instead of just the ID. Expandable fields are identified in the expand parameter.

Some fields, like sensitive or optional data, aren’t included by default. You can request them with the expand parameter as well.

You can only use expand on get or list requests. Keep in mind that expanding deeply in list responses may slow things down.

You can expand multiple fields at once by including multiple items in the expand array.