Skip to main content
Version: Next

Authentication

note

You are currently looking at a work in progress version of the Relynk API documentation. Consider the underlying APIs and messaging formats as stable, but we strive to make the documentation as developer friendly as possible. If you feel anything is missing please reach out to hello@relynk.io, any feedback would be much appreciated.

Every API action requires authentication. For our APIs, we use machine-to-machine authentication and API keys to authenticate requests. API keys are unique to your organization and can have various permissions and access levels.

Managing API Keys

Each organization is provided with one or more API keys that can be used for authentication. These keys are unique to your organization and can be managed through your organization's account.

It is important to keep your API keys secure and not share them with anyone. You should also rotate your API keys periodically to ensure the security of your organization's data.

Authenticating with an API Key

As part of every API request, you must provide an authorization header with the value being your API key. This can be done by including the authorization header in your request, like so:

curl -X GET \
https://api.relynk.io/some/api/endpoint \
-H 'authorization: YourAPIKey'
caution

Make sure to replace 'YourAPIKey' with the actual value of your API key.

danger

Never hardcode your API key in any code that may be exposed publicly, such as in a GitHub repository. Instead, use environment variables or a secure storage system to store your API key.

In summary, to authenticate with our API, you must include your API key in the 'authorization' header of each request. You can check the permissions of your API keys and manage them through your organization's account settings. Keep your API keys secure and rotate them periodically to ensure the security of your organization's data.