Authentication

The API has near feature-parity with the user interface and uses the same RBAC permissions system.

Permissions

Since the API uses the same permissions backend as the regular user interface, any operations you perform in the API will require the equivalent permissions as if you performed the operation in the UI.

Authenticating to the API is done via an API token. API tokens are bound to user accounts and can be managed from your My Account page.

To create an API token:

1. Navigate to your My Account page:

Widescreen Mobile

• Click on the Your Username button in the bottom-left of the side navigation bar to show a nav menu

• Click on the Your Username button in the top-right of the header
  • You may need to click on the hamburger button to display your username first

2. Click on the My Account option from the nav menu
3. Scroll down to the API Tokens card
4. Type a Description for this API token into the description field for a new token
5. Click on the Add API Token button

Protect your API Key

Once generated, copy your API key to a safe place and treat it like a password. It has all the same permissions and abilities as your regular user login.

Revoking an API key

To revoke an API key, you must delete it:

1. Navigate to your My Account page (see steps above)
2. Scroll down to the API Tokens card
3. Locate the API key you want to delete in the table
4. Click on the delete button in the row for the key
5. Click the Delete button in the confirmation page to confirm the deletion