Authentication

Generate API Key

All requests to the Tines REST API require authentication.

To generate an API key in Tines, use the Tines connect flow.

  • Navigate to the team that will be using the API and click Credentials.
  • Click + New Credential and select Tines and follow the prompts to connect.

To learn more about connect flows generally, see our docs.

View API Keys

From the Tines navigation menu, select "API keys".

Navigation

On the API Keys page you can view all of the API keys you have access to or create a new key. While you can create a new key manually from this page, using the Tines connect flow is recommended.

Tines has four types of API keys:

  • Personal API keys are linked to your user account, and have access to all items that you do. Operations performed using one of these keys will be recorded as being performed by you. Only you have access to create and delete your personal keys.
  • Service API keys are linked to separate service account users, and can be granted access to any tenant permissions such as AUDIT_LOG_READ and TUNNEL_MANAGE by a Tenant Owner. Operations performed using one of these keys will be recorded as being performed by the associated service account user.
  • Tenant owner API keys are linked to separate service account users, and have full Owner access to the entire tenant. Operations performed using one of these keys will be recorded as being performed by the associated service account user. Tenant Owners have access to create and delete all tenant keys.
  • Team API keys are also linked to separate service account users, but they have role-based access to a specific team on the tenant. Operations performed using one of these keys will be recorded as being performed by the associated service account user. Tenant Owners have access to create and delete all team keys.

Using an API Key

Each request sent to the REST API must be authenticated using an API key, included in the X-User-Token header.

For example:

curl -X GET https://<<META.tenant.domain>>/api/v1/events/ \
  -H 'content-type: application/json' \
  -H 'x-user-token: <<CREDENTIAL.tines_api_key>>'

Bearer/Token Authentication

Our API now includes support for Bearer/Token Authentication. To authenticate using this method, simply include your API token in the Authorization header of your requests, prefixed with "Bearer" and a single space.

For example:

curl -X GET https://<<META.tenant.domain>>/api/v1/events/ \
  -H 'content-type: application/json' \
  -H 'Authorization: Bearer <<CREDENTIAL.tines_api_key>>'
Was this helpful?