SchoolScout API

Authentication

How to authenticate with the SchoolScout API

Overview

Every SchoolScout API endpoint requires authentication.

For external integrations, use an API key created in the dashboard UI.

Authentication Methods

Create an API key in Settings > API Keys, then pass it as a Bearer token:

curl -H "Authorization: Bearer sk_live_your_key_here" \
  https://schoolscout.ai/api/v1/districts

OAuth Bearer Token (MCP clients)

For MCP clients and OAuth-based integrations, use an access token in the same header format:

curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  https://schoolscout.ai/api/v1/districts

Dashboard Sign-In

The web app handles dashboard authentication automatically.
This is not intended as a programmatic API auth method.

Key Management

API keys can be created, rotated, and revoked from Settings > API Keys.

If authentication fails, routes return:

{
  "error": "Unauthorized",
  "message": "You must be logged in"
}

with HTTP status 401.

Access Scope

Authentication resolves to your organization context.
Credits, unlocks, and visible data are scoped to that organization.

Credit System

Some data is gated behind a credit system. Entities have an _access field in responses:

{
  "id": "...",
  "name": "Denver Public Schools",
  "_access": {
    "is_unlocked": false,
    "unlock_cost": 6
  }
}

Use the POST /api/v1/unlock endpoint to spend credits and unlock entity intelligence data. See Credits for details.

Quickstart

Get up and running with the SchoolScout API in 5 minutes

Data Model

Understanding the SchoolScout entity model

On this page

OverviewAuthentication MethodsAPI Key (recommended)OAuth Bearer Token (MCP clients)Dashboard Sign-InKey ManagementAccess ScopeCredit System