CreativeOps API

Getting Started

The CreativeOps API lets you programmatically create jobs, manage pipelines, browse assets, and integrate with external tools. All endpoints use JSON and require an API key.

Authentication

Include your API key in the Authorization header:

Header

Authorization: Bearer co_live_xxxxxxxxxxxxx

Rate Limits

100 requests/minute per API key. Exceeded requests return 429 with a Retry-After header.

Response Format

Success

JSON

{
  "success": true,
  "data": { ... },
  "meta": { "page": 1, "limit": 20, "total": 45 }
}

Error

JSON

{
  "success": false,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid or expired API key"
  }
}

Jobs

Pipelines

Assets

Clients

Webhooks

Webhook Events

Webhooks are signed with HMAC-SHA256. Verify the X-CreativeOps-Signature header.

job.created— New job submitted

job.started— Job execution began

job.completed— Job finished successfully

job.failed— Job execution failed

job.approved— Job approved

pipeline.created— Pipeline started

pipeline.milestone— Pipeline reached 25/50/75/100%

pipeline.completed— All pipeline jobs done

asset.created— New asset generated

request.submitted— Client request submitted

javascript

// Verify webhook signature (Node.js)
const crypto = require('crypto');
const signature = req.headers['x-creativeops-signature'];
const expected = 'sha256=' + crypto
  .createHmac('sha256', WEBHOOK_SECRET)
  .update(JSON.stringify(req.body))
  .digest('hex');
const valid = crypto.timingSafeEqual(
  Buffer.from(signature), Buffer.from(expected)
);