Cuevue API

Build integrations with the Cuevue REST API. Manage projects, workflow stages, custom fields, comments, subtasks, team members, and webhooks programmatically.

OpenAPI Spec→Base URL: https://cuevue.io/api/v1

Authentication

All API requests require a bearer token. Generate an API key from Settings → API & Integrations in your workspace. Keys use the cue_sk_ prefix.

curl https://cuevue.io/api/v1/projects \
  -H "Authorization: Bearer cue_sk_your_key_here"

Keys are scoped to a single workspace with either read or write permission. Admin-only endpoints (webhooks, members) require write access.

Endpoints

All endpoints are relative to /api/v1. Request and response bodies use JSON.

Projects

GET	/projects	List projects (paginated)
POST	/projects	Create a project
GET	/projects/:id	Get a project
PATCH	/projects/:id	Update a project
DELETE	/projects/:id	Delete a project
PATCH	/projects/:id/custom-fields	Update custom field values
PATCH	/projects/batch	Bulk update (up to 50)

Versions

GET

/projects/:id/versions

Comments

GET	/projects/:id/comments	List comments
POST	/projects/:id/comments	Add a comment (with optional timestamp)
GET	/projects/:id/comments/:commentId	Get a comment
DELETE	/projects/:id/comments/:commentId	Delete a comment

Subtasks

GET	/projects/:id/subtasks	List subtasks
POST	/projects/:id/subtasks	Create a subtask
GET	/subtasks/:id	Get a subtask
PATCH	/subtasks/:id	Update a subtask
DELETE	/subtasks/:id	Delete a subtask

Workflow

GET	/workflow	Get workflow config
GET	/workflow/stages	List stages
POST	/workflow/stages	Create a stage
GET	/workflow/stages/:id	Get a stage
PATCH	/workflow/stages/:id	Update a stage
DELETE	/workflow/stages/:id	Delete a stage

Custom Fields

GET	/fields	List custom fields
POST	/fields	Create a field
GET	/fields/:id	Get a field
PATCH	/fields/:id	Update a field
DELETE	/fields/:id	Delete a field
PATCH	/fields/reorder	Reorder fields

Members

GET	/members	List members
POST	/members	Invite a member
GET	/members/:id	Get a member
PATCH	/members/:id	Update member role
DELETE	/members/:id	Remove a member

Webhooks

GET	/webhooks	List webhooks
POST	/webhooks	Create a webhook
GET	/webhooks/:id	Get a webhook
PATCH	/webhooks/:id	Update a webhook
DELETE	/webhooks/:id	Delete a webhook
GET	/webhooks/:id/deliveries	List deliveries
POST	/webhooks/:id/test	Send test event

Space

GET

/space

Pagination

List endpoints return cursor-based pagination. Pass limit (max 100, default 25) and use the returned cursor value to fetch the next page.

{
  "data": [ ... ],
  "pagination": {
    "cursor": "eyJ2IjoiMjAyNi0wMy0xMCIsImlkIjoiYWJjMTIzIn0",
    "has_more": true,
    "total": 142
  }
}

When has_more is false, you have reached the end. Pass sort and order to control sort direction.

Error handling

Errors return a consistent JSON envelope with an error object:

{
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Invalid request body",
    "details": {
      "title": "Required"
    }
  }
}

Status	Code	Meaning
400	VALIDATION_ERROR	Invalid request body or params
401	UNAUTHORIZED	Missing or invalid API key
403	FORBIDDEN	Insufficient permissions
404	NOT_FOUND	Resource does not exist
429	RATE_LIMITED	Too many requests
500	INTERNAL_ERROR	Something went wrong on our end

Rate limits

The API enforces per-key rate limits. Current limits are returned in response headers:

Header	Description
X-RateLimit-Limit	Max requests per window
X-RateLimit-Remaining	Requests remaining
X-RateLimit-Reset	Window reset time (Unix epoch)

Default limit: 120 requests/minute for read operations, 60 requests/minute for writes. When rate limited, the response includes retry_after_ms in the error body.

Webhooks

Receive real-time notifications when events happen in your workspace. Register a webhook endpoint and subscribe to the events you need.

Available events

project.created	A project was created
project.updated	A project was updated
project.deleted	A project was deleted
status.changed	A project changed workflow stage
custom_field.updated	Custom field values changed
comment.created	A comment was added
version.created	A new version was uploaded
subtask.created	A subtask was created
subtask.updated	A subtask was updated
member.added	A member joined the space
member.removed	A member was removed

Payload format

{
  "event": "project.updated",
  "timestamp": "2026-03-26T14:30:00.000Z",
  "space_id": "uuid",
  "data": {
    "project": { ... }
  }
}

Signature verification

Each webhook delivery includes a X-Cue-Signature header containing an HMAC-SHA256 signature. Verify it using the signing secret returned when you create the webhook:

import crypto from "crypto";

function verifyWebhook(body: string, signature: string, secret: string) {
  const expected = crypto
    .createHmac("sha256", secret)
    .update(body)
    .digest("hex");
  return crypto.timingSafeEqual(
    Buffer.from(signature),
    Buffer.from(expected),
  );
}

Webhooks that fail are retried with exponential backoff (up to 3 attempts). After repeated failures, the endpoint is automatically disabled.

MCP integration

Cuevue supports the Model Context Protocol (MCP), allowing AI assistants and LLM-powered tools to interact with your workspace. The MCP server exposes read-only resources, resource templates, and tools that map to the REST API.

Connect your AI tools

Configure your MCP-compatible client (Claude Desktop, Cursor, etc.) with your Cuevue API key:

{
  "mcpServers": {
    "cuevue": {
      "url": "https://cuevue.io/api/mcp",
      "headers": {
        "Authorization": "Bearer cue_sk_your_key_here"
      }
    }
  }
}

Read-only API keys can browse resources like cuevue://projects/recent, cuevue://workflow/stages, and templates such as cuevue://projects/{episode_id}. The server also provides tools for listing projects, reading comments, fetching transcripts, and, with write-permitted API keys, creating projects, comments, and workflow updates.

Questions? Contact support | Download OpenAPI spec