Edit this page on GitHub

Home > docs > getting started > Security and Permissions

Security and Permissions

Authentication

Using API keys

The key must be passed in the Authorization header on every API request. For example:

curl -v -H "Authorization: auBy4eDWrKWsyhiDp3AQiw" ...

API keys are managed using the API key endpoint.

Using Username and Password

For example:

curl -v -u myuser:mypwd ...

The actual user record will be created on the first successful authentication attempt. After that, it can be managed as usual, by using the User API endpoint.

Username/password authentication uses an LDAP/Active Directory realm. Check Configuration document for details.

Managing Credentials

Credentials (secrets) are managed using the user interface or the secret API endpoint.