API authentication and keys

The Tidelift API and Tidelift CLI allows you to authenticate using an API key for all endpoints.

The three different types of API keys provided by Tidelift

  1. User Keys are tied to your user within the Tidelift Subscription and allow you to use all commands in Tidelift CLI except for  tidelift alignment save. These keys should be kept private to individuals as they have all of the permissions that the user has within the Tidelift system. You can create and view User Keys in the Tidelift web app under Settings->API Keys. To use these keys with Tidelift CLI, run tidelift authenticate.
  2. Project Keys are a more tightly-scoped type of API key suitable for use within your CI/CD process. These keys only allow you to save an alignment for a project and check the status of those alignments. It is recommended that these keys are stored in the native secret storage mechanism of your CI/CD platform. They can be configured in the Tidelift web app under Settings->API Keys->Project Keys. See this article for information on how to create a project API key from a Project's settings page or Tidelift CLI.
  3. Organization Keys are similar to Project Keys and only allow for alignments to be run within a CI/CD process, but will work for all projects. They are not tightly-scoped to a specific project and should only be used when necessary, following the same security guidelines as Project keys. They can be configured in the Tidelift web app under Settings->API Keys->Organization Keys.

 Key Type/Command

Organization

Project

User

 Intended Use Case

CI tools

CI tools

Desktop command line

 Scope

All Projects

Single Project

All Projects

 alignment

yes

yes

yes

 alignment save

yes

yes

no

 authenticate

no

no

yes

 catalogs

yes

no

yes

 groups

yes

no

yes

 help

yes

yes

yes

 init

yes

no

yes

 projects

yes

no

yes

 releases

yes

yes

yes

 request

yes

yes

yes

 selftest

yes

yes

yes

 selfupdate

yes

yes

yes

 status

yes

yes

yes

 version

yes

yes

yes

 


If you are writing your own integration with the Tidelift API, you can pass the key as the Authorization header, for example:

curl -H 'Authorization: Bearer {{api-key-example}}'
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.

Articles in this section

See more