Bramble verifies your API requests through your account's API keys. Should a request fail to include a valid key, Bramble flags with an authentication error.
You can use the Bramble Connector to create, copy, and revoke API
keys. To access your v1 API keys, select the API Keys tab in the top right of the Bramble Connector.
If you use Bramble through a third-party platform, give the platform your API
keys so it can process requests on behalf of your account.
Anyone can use your secret API key to make any API call on behalf of
your account, such as creating check-ins or updating your workflow inventory.
Keep your keys safe by following these best practices:
Grant access only to those who need it.
Don’t store keys in a version control system.
Control access to keys with a password manager or secrets management service.
Don’t embed a key where it could be exposed to an attacker, such as in a mobile application.
For security, Bramble only shows you a secret or restricted API key once, upon creation. Store the key in a safe place where you won’t lose it. If you lose the key, you can 'revoke and delete it' and create another.
When you create an API key, the value is displayed before you save it. You must copy the value before saving it, because you can’t reveal it later.
If you delete a key, any code that uses that key can no longer make API calls.
Create a new key and update the code to use it.
Open the API keys page.
In the row for the key you want to disable, click Edit, then select `Revoke`.
The window displays a confirmation. Revoke it by clicking it.
To create a secret API key:
Open the API keys page.
Click Create/New API Key.
Enter a name in the Key name field.
Optionally set an expiry date
Optionally change the contact email address for this key.
Click Create.
The window displays the new key value. Copy it by clicking it.
Save the key value. You can’t retrieve it later.
To make an authenticated request to our API, follow our Authentication guide in our developer documentation.
