API Authentication

API Keys

Generate API Key

Go to Settings → API Keys
Click Generate New Key
Choose scopes and expiration
Copy the key (shown only once)

Using API Keys

Include in the Authorization header:

bash

curl -H "Authorization: Bearer ops_key_abc123..." \
  https://ops.example.com/api/v1/services

Key Scopes

Scope	Description
`read`	Read-only access
`write`	Create and update resources
`delete`	Delete resources
`admin`	Full access including settings

Key Expiration

Keys can be set to expire:

Never (not recommended)
30 days
90 days
1 year

JWT Tokens

For web sessions, use JWT tokens:

bash

# Login
POST /api/v1/auth/login
{
  "username": "admin",
  "password": "password"
}

# Response
{
  "token": "eyJhbG...",
  "expires_at": "2025-01-16T00:00:00Z"
}

Use in subsequent requests:

bash

curl -H "Authorization: Bearer eyJhbG..." \
  https://ops.example.com/api/v1/services

OAuth 2.0

For OAuth-enabled instances:

bash

# Get token
POST /oauth/token
{
  "grant_type": "client_credentials",
  "client_id": "your-client-id",
  "client_secret": "your-client-secret"
}

Security Best Practices

Never share API keys
Rotate keys regularly
Use minimal required scopes
Set expiration dates
Monitor key usage in audit logs

API Authentication ​

API Keys ​

Generate API Key ​

Using API Keys ​

Key Scopes ​

Key Expiration ​

JWT Tokens ​

OAuth 2.0 ​

Security Best Practices ​

API Authentication

API Keys

Generate API Key

Using API Keys

Key Scopes

Key Expiration

JWT Tokens

OAuth 2.0

Security Best Practices