API & automation
Authentication
Stackarr follows the arr convention of API-key auth.
X-Api-Key: your-stackarr-api-keyThe key is stored in Stackarr configuration. Setup creates one during the first authenticated save when the key is missing. Advanced Docker deployments may provide it as:
STACKARR_API_KEY=...Browser actions send the saved key, prompting once when needed and storing it locally for subsequent requests. Command endpoints refuse requests when no key is configured. Secrets are redacted in config summaries, logs, API responses, and MCP activity where possible.