Authentication to Aurora Solar's API is granted through API keys (bearer tokens). An Admin user for your tenant can create, retrieve, and, if necessary, rotate the keys using the API Tokens screen in Aurora.



API Key Types

Aurora currently supports two types of API keys:

Standard Keys

A Standard Key grants access to all API actions for a single tenant. This type of key is intended for general usage when building your integration.

A tenant may only have one standard key.

Restricted Keys

Restricted Keys grant access to only a specified subset of API actions for a single tenant (ex. only List and Retrieve Projects). If you want to grant micro-services (internal or third-party) access to your data, consider using Restricted Keys to reduce the risk of unintended data sharing.

A tenant may have multiple restricted keys with varying levels of access.

Note that restricted keys will be created in the latest version of the API (2022.09).

Using bearer tokens

In order to authenticate a request using Bearer Token auth, you need to pass the API key through the Authorization header and also prefix the entire key with Bearer. For example, an authenticated curl request would include the following: -H "Authorization: Bearer sk_prod_LXknKczQYkniVtMpRYs8wJgk"

Our bearer tokens have a meaningful prefix to help with key management. The prefix consists of:

  1. The type of key:
  • sk_: A "Standard Key"
  • rk_: A "Restricted Key"
  1. The environment:
  • sand_: The key grants access to the sandbox environment.
  • prod_: The key grants access to the production environment.

For example, a key that grants access to all API actions for a single tenant on production would look like sk_prod_LXknKczQYkniVtMpRYs8wJgk.

Related Tutorials: