gospace AIDocsAdmin Console

Authentication

The gospace API uses API keys to authenticate requests. You can view and manage your API keys in the gospace AI console by navigating to Admin > Settings > API Keys.

API Key Creation

  • One-Time Display: API keys are only visible once at the time of creation. After you generate an API key, it will not be displayed again for security reasons.

  • Secure Storage Required: Immediately store your new API key in a secure location. If you lose access to it, you will need to generate a new key.

Authentication

Authentication to the API is performed via HTTP headers using the x-api-key header. Provide your API key in the following format:

REQUEST HEADERS
headers: {
  "x-api-key": "prod_********-****-****-1a234b56"
}

  • HTTPS Required: All API requests must be made over HTTPS. Calls made over plain HTTP will fail.

  • Authentication Required: API requests without a valid API key will fail

Security Best Practices

Your API keys hold a significant amount of power, so make sure to keep them secure!

  • Avoid Sharing Secret API Keys: Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so on.

  • Secure Storage Solutions: Use secure methods to store your API keys, such as environment variables, key management services, or encrypted configuration files.

  • Access Control: Limit access to your API keys to only those individuals who need them for development or deployment purposes.

  • Avoid Hard-Coding: Do not hard-code API keys into your application's source code, especially if the code will be stored in version control systems or shared repositories.

  • Rotate Keys Periodically: For enhanced security, rotate your API keys periodically.

Managing Your API Keys

  • Creating a New API Key:

    1. Navigate to your account dashboard.

    2. Go to Admin > Settings > API Keys.

    3. Click on Create New API Key.

    4. Copy the key when it is displayed. Remember, this is the only time you will be able to view it.

  • Regenerating an API Key: If you lose your API key, delete the lost key from the dashboard and create a new one.

  • Revoking an API Key: To revoke access, delete the API key from your account dashboard. This action cannot be undone.

Troubleshooting

  • Lost API Key: If you did not save your API key at the time of creation and have lost it, you must generate a new one.

  • Unauthorised Errors: If you encounter authentication errors, ensure that you are using a valid API key and that it has not been revoked.

  • Rate Limit Exceeded: If you receive errors related to rate limits, review your application's request patterns and adjust accordingly.

  • Contact Support: For any issues not resolved by the above steps, contact our support team for assistance.

Remember that API keys are sensitive credentials that grant access to your account's capabilities and data. Handling them with care is essential for maintaining the security and integrity of your applications.

PreviousIntroductionNextErrors

Last updated

Was this helpful?