Skip to main content

Authentication

API Token#

The Unmand API uses API tokens to authenticate requests. You may also be used to referring to these as API Keys.

  • All Unmand projects have an API Token.
  • An API Token authenticates access to a single project.
  • No other project information is required when the API Token is used for authentication.

Token Management#

You can view and manage your API token in the Project configuration page on the Unmand Portal. Navigate to the project Configuration section for a given project. The API token is shown under the Details tab.

API token

Select Regenerate Token to refresh the API token. A token can be regenerated at any time.

caution

Your API tokens carry many privileges, so be sure to keep them secure! Do not share your secret API tokens in publicly accessible areas such as your GitHub repositories, client-side code, or other vulnerable locations.

warning

Regenerating a token will immediately disable any existing tokens currently in use.

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail. Authentication to the API is performed via header authorization - you do not need to provide a password.

Example

import requestsfrom requests.auth import AuthBase
class TokenAuth(AuthBase):    """Implements a custom authentication scheme."""
    def __init__(self, token: str):        self.token: str = token
    def __call__(self, r: requests.PreparedRequest):        """Attach an API token to a custom auth header."""        r.headers['Authorization'] = self.token        return r
# Example request using TokenAuth classresponse: requests.Response = requests.get('https://swarm.unmand.app/example', auth=TokenAuth(API_TOKEN))