Authentication

How to view and manage your API keys

The Orbiit API uses tokens to authenticate every request. Tokens can be managed from the workspace integrations page. The token must be included in the Authorization header of every requests in the following format.

Authorization: "Bearer <token>"

Your token is associated with a strict set of permissions, and is tied to a given user. Requests that create, modify, or archive data will as such be attributed to the associated user, so keep your token safe! From here on, and in the UI, we will refer to tokens as API keys.

Creating an API key

Create a new API key
Make sure to copy the API key. It will only be shown once (this key is no longer active).

If you do not have access to the API keys please contact [email protected] and we will evaluate the request.

Using an API key

To use the token, include it in the Authorization header of each request. The header should have the format Bearer , where is the token you obtained in the previous step.

If the token is invalid or has expired, you will receive a 401 Unauthorized response, or similar.

Revoking an API key

Revoke an API key to stop using it.

API tokens, unlike client tokens, are validated upon request. This means that changes to the tokens permissions come into effect immediately, likewise, tokens that are revoked, will also become unusable straight away.

Workspace ID

For all requests you will need to provide the workspaceId with your request (in the URI). This can be found in the URL when creating your API Key. The URL should have the pattern https://app.orbiit.ai/w/<YOUR_WORKSPACE_ID>/settings/integrationsat that page. The identifier that you see for right after the /w is your workspaceId.

PreviousIntroductionNextPagination

Last updated