API authentication and keys

The Tidelift API and Tidelift CLI allows you to authenticate using an API key for all endpoints.

Finding and creating new API keys

From the top right menu, select API Keys:

Screenshot_20240517_164731.png

You'll be taken to the API Keys view, where you can create, delete, and view the various types of keys:

Screenshot_20240517_164842.png

Types of keys provided by Tidelift

  1. Organization Keys are similar to Project Keys and only allow for alignments to be run within a CI/CD process, but will work for all projects. They are not tightly-scoped to a specific project and should only be used when necessary, following the same security guidelines as Project keys.
  2. Project Keys are a more tightly-scoped type of API key suitable for use within your CI/CD process. These keys only allow you to save an alignment for a project and check the status of those alignments. It is recommended that these keys are stored in the native secret storage mechanism of your CI/CD platform. See this article for information on how to create a project API key from a Project's settings page or Tidelift CLI.
  3. User Keys are tied to your user within the Tidelift Subscription and allow you to use all commands in Tidelift CLI except for  tidelift alignment save. These keys should be kept private to individuals as they have all of the permissions that the user has within the Tidelift system. To use these keys with Tidelift CLI, run tidelift authenticate.

 Key Type/Command

Organization

Project

User

 Intended Use Case

CI tools

CI tools

Desktop command line

 Scope

All Projects

Single Project

All Projects

 alignment

yes

yes

yes

 alignment save

yes

yes

no

 authenticate

no

no

yes

 catalogs

yes

no

yes

 groups

yes

no

yes

 help

yes

yes

yes

 init

yes

no

yes

 projects

yes

no

yes

 releases

yes

yes

yes

 request

yes

yes

yes

 selftest

yes

yes

yes

 selfupdate

yes

yes

yes

 status

yes

yes

yes

 version

yes

yes

yes

 


If you are writing your own integration with the Tidelift API, you can pass the key as the Authorization header:

curl -H 'Authorization: Bearer {{api-key-example}}'
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.

Articles in this section

See more