Authentication
The Teenode API uses API keys to authenticate requests. You can create and manage your API keys from the dashboard.
API Keys
Include your API key in the Authorization header:
curl https://api.teenode.com/v1/projects \
-H "Authorization: Bearer YOUR_API_KEY"Keep your API keys secure. Never commit them to version control or share them publicly.
Creating an API Key
Create an API key via the CLI:
teenode api-key create \
--name "Production Key" \
--scopes read,writeOr via the API:
curl -X POST https://api.teenode.com/v1/api-keys \
-H "Authorization: Bearer YOUR_EXISTING_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "Production Key",
"scopes": ["read", "write"]
}'Token Scopes
API keys can be scoped to specific permissions:
read- Read access to resourceswrite- Create and update resourcesdelete- Delete resourcesadmin- Full administrative access
Authentication via OAuth
For web applications, you can use OAuth 2.0 authentication:
# Redirect users to:
https://teenode.com/oauth/authorize?client_id=YOUR_CLIENT_ID&response_type=code&redirect_uri=YOUR_REDIRECT_URI
# Exchange code for token:
curl -X POST https://api.teenode.com/v1/oauth/token \
-H "Content-Type: application/json" \
-d '{
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"code": "AUTHORIZATION_CODE",
"grant_type": "authorization_code"
}'Rate Limiting
API requests are rate limited based on your plan:
- Free: 100 requests per hour
- Pro: 1,000 requests per hour
- Enterprise: 10,000 requests per hour
Rate limit headers are included in responses:
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1640000000Error Responses
Authentication errors return a 401 status code:
{
"error": "unauthorized",
"message": "Invalid or expired API key"
}Best Practices
- Rotate API keys regularly
- Use different keys for development and production
- Implement the principle of least privilege with scopes
- Monitor your API key usage in the dashboard
- Revoke compromised keys immediately