Stack Pulse Docs
StackPulse

StackPulse Docs

Authenticated API Check

Monitor endpoints that require headers while keeping credentials scoped and read-only.

Authenticated checks let StackPulse monitor endpoints that are not fully public.

Use this only when a public health endpoint is not enough.

Headers

Add the headers required by your API.

Common examples:

text
Authorization: Bearer YOUR_MONITORING_TOKEN
X-API-Key: YOUR_READ_ONLY_KEY
Accept: application/json

StackPulse treats sensitive header names as secrets and masks them after saving.

Expected status

Use the normal successful response code for the endpoint.

For most APIs:

text
Expected status: 200

If your endpoint intentionally returns 204, configure that instead.

JSON expectations

If response body checks are supported for your check, match a small stable substring rather than an entire response.

Good examples:

  • "status":"ok"
  • "ready":true
  • "database":"ok"

Avoid matching timestamps, request IDs, or values that change on every request.

Credential safety

Use credentials created only for monitoring.

  • Prefer scoped keys.
  • Prefer read-only access.
  • Rotate keys periodically.
  • Do not use personal passwords.
  • Do not use unrestricted admin tokens.
Safer alternative

If possible, create a dedicated /health endpoint that performs the required internal checks without exposing a general authenticated API surface.