API Key Authentication

The Kaleido administrative APIs are secured by generated API Keys:

  • Scoped to a single user acting on behalf of a single Kaleido Organization
  • Revoked immediately by deleting the key
  • Contain an identifying prefix, and a secret part (after the -)
  • Secret part is never stored in Kaleido - we keep additional data to verify the keys on each call

See APIs & Authentication for details on the difference between administrative and runtime APIs

Generating API Keys

Use the Kaleido console to generate a new API Key, or delete/revoke an existing API Key.

Navigate to "Account" -> "API Keys", then click "+ New API Key"

API Keys

Sending as a Bearer Token

When making an API call, supply the API Key as a Bearer token in the Authorization header:

Authorization: Bearer u0jdy2b10s-o8wij8/v9u73rRoRoelHmU2SdZKhtusPsfCNHSvTLBE=

For example in curl:

APIKEY=u0jdy2b10s-o8wij8/v9u73rRoRoelHmU2SdZKhtusPsfCNHSvTLBE=
curl -H "Authorization: Bearer $APIKEY" https://console.kaleido.io/api/v1/orgs