Authentication

The Triverse API uses API Keys to authenticate requests. You can view and manage your API keys in the Triverse API Dashboard.

Authenticating Requests

All protected API endpoints require your API key to be included in the HTTP header of every request.

Provide your API key as a Bearer Token in the Authorization header:

Authorization: Bearer <YOUR_API_KEY>

If authentication fails or the key is missing, the server will return a 401 Unauthorized or 403 Forbidden status code.

For WebSocket connections, authentication is handled via a query parameter:

wss://api.triverse.ai/api/v1/tasks/watch/{task_uuid}?token=<YOUR_API_KEY>

Your API keys carry significant privileges, so be sure to keep them secure:

Keep it Secret: Never share your API keys in publicly accessible areas such as GitHub, client-side code, or support forums.
Use Environment Variables: Store your keys in environment variables instead of hardcoding them in your application.
Rotate Regularly: Periodically regenerate your API keys to minimize the risk of unauthorized access.

Warning: If you suspect your API key has been compromised, revoke it immediately in the dashboard and generate a new one.