Authentication

Authentication to Aurora Solar's API is granted through API keys (bearer tokens). An Admin user for your tenant can create, retrieve, and, if necessary, rotate the keys using the API Tokens screen in Aurora.

Sandbox: https://v2-sandbox.aurorasolar.com/settings/api/tokens
Production: https://v2.aurorasolar.com/settings/api/tokens

API Key Types

Aurora currently supports two types of API keys:

Standard Keys

A Standard Key grants access to all API actions for a single tenant. This type of key is intended for general usage when building your integration.

A tenant may only have one standard key.

📘

We strongly recommend against sharing Standard Keys outside of your organization. See Restricted Keys in the 2022.09 version of the API for a more secure alternative.

Using bearer tokens

In order to authenticate a request using Bearer Token auth, you need to pass the API key through the Authorization header and also prefix the entire key with Bearer. For example, an authenticated curl request would include the following: -H "Authorization: Bearer sk_prod_LXknKczQYkniVtMpRYs8wJgk"

Our bearer tokens have a meaningful prefix to help with key management. The prefix consists of:

1. The type of key:

• sk_: A "Standard Key"
• rk_: A "Restricted Key"

2. The environment:

• sand_: The key grants access to the sandbox environment.
• prod_: The key grants access to the production environment.

For example, a key that grants access to all API actions for a single tenant on production would look like sk_prod_LXknKczQYkniVtMpRYs8wJgk.

Related Tutorials:

• Move to bearer token authentication