API Key Authentication
The Kaleido administrative APIs are secured by generated API Keys:
- Scoped to a single user acting on behalf of a single Kaleido Organization
- Revoked immediately by deleting the key
- Contain an identifying prefix, and a secret part (after the
- Secret part is never stored in Kaleido - we keep additional data to verify the keys on each call
See APIs & Authentication for details on the difference between administrative and runtime APIs
Generating API Keys
Use the Kaleido console to generate a new API Key, or delete/revoke an existing API Key.
Navigate to "Account" -> "API Keys", then click "+ New API Key"
Sending as a Bearer Token
When making an API call, supply the API Key as a Bearer token in the Authorization header:
Authorization: Bearer u0jdy2b10s-o8wij8/v9u73rRoRoelHmU2SdZKhtusPsfCNHSvTLBE=
For example in curl:
APIKEY=u0jdy2b10s-o8wij8/v9u73rRoRoelHmU2SdZKhtusPsfCNHSvTLBE= curl -H "Authorization: Bearer $APIKEY" https://console.kaleido.io/api/v1/orgs