Base URL
All API endpoints are served over HTTPS. HTTP requests are rejected.
Authentication
LexQ uses API Key authentication. Include your key in every request:
API keys are created and managed in the Console under Management → API Keys.
API keys grant full access to your organization’s policy engine. Never expose them in client-side code or public repositories.
Content-Type header:
Content-Type: application/json
{
"success": true,
"data": { ... },
"errorCode": null,
"message": null
}
Error Codes
Error codes follow a prefix convention:
| Prefix | Domain |
|---|
C-xxx | Common (input validation, not found, rate limit) |
A-xxx | Auth (credentials, API key, permissions) |
P-xxx | Policy Engine (groups, versions, rules, deployment) |
B-xxx | Billing (subscription, payment, quota) |
S-xxx | Simulation & Analytics |
ACT-xxx | Action validation (discount, point, notification) |
FD-xxx | Fact Definition |
INT-xxx | Integration |
FL-xxx | Failure Log |
Rate Limits
Rate limits depend on your plan’s Max TPS setting:
| Plan | Max TPS |
|---|
| Free | 5 |
| Growth | 50 |
| Pro | 200 |
429 Too Many Requests.
Idempotency
For execution endpoints, you can include an Idempotency-Key header to prevent duplicate processing:
Idempotency-Key: unique-request-id-123
Next Steps
