Overview
TensorOne API uses API key authentication to secure all requests. Each API key has specific permissions and can be scoped to different resources within your account.
API Key Types
Read Keys
- Purpose: Read-only access to your resources
- Use Cases: Monitoring dashboards, analytics, status checks
- Permissions: GET requests only
Read & Write Keys
- Purpose: Full access to create, modify, and delete resources
- Use Cases: Automated deployments, infrastructure management
- Permissions: All HTTP methods (GET, POST, PUT, DELETE)
Service Keys
- Purpose: Specific service access (AI models, training jobs)
- Use Cases: Production AI applications, specialized workflows
- Permissions: Limited to specific service endpoints
Include your API key in the Authorization header of every request:
Authorization: Bearer tpo_live_1234567890abcdefghijklmnopqrstuvwxyz
Creating API Keys
Via Web Console
- Navigate to Settings > API Keys
- Click Create API Key
- Select permissions: Read, Read & Write, or Service-specific
- Add optional description and expiration date
- Copy the key immediately (shown only once)
Via API
curl -X POST "https://api.tensorone.ai/v2/auth/api-keys" \
-H "Authorization: Bearer YOUR_ADMIN_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "Production API Key",
"permissions": ["read", "write"],
"expiresAt": "2024-12-31T23:59:59Z",
"scopes": ["endpoints", "clusters"]
}'
Key Management
List API Keys
curl -X GET "https://api.tensorone.ai/v2/auth/api-keys" \
-H "Authorization: Bearer YOUR_API_KEY"
Revoke API Key
curl -X DELETE "https://api.tensorone.ai/v2/auth/api-keys/key_1234567890" \
-H "Authorization: Bearer YOUR_API_KEY"
Rotate API Key
curl -X POST "https://api.tensorone.ai/v2/auth/api-keys/key_1234567890/rotate" \
-H "Authorization: Bearer YOUR_API_KEY"
Environment Variables
Store your API keys securely using environment variables:
# Production
export TENSORONE_API_KEY="tpo_live_1234567890abcdef..."
# Development
export TENSORONE_API_KEY="tpo_test_1234567890abcdef..."
SDKs Authentication
Python SDK
import tensorone
# Method 1: Environment variable
client = tensorone.Client() # Reads TENSORONE_API_KEY
# Method 2: Direct key
client = tensorone.Client(api_key="tpo_live_...")
JavaScript SDK
import TensorOne from "tensorone-sdk";
// Method 1: Environment variable
const client = new TensorOne(); // Reads TENSORONE_API_KEY
// Method 2: Direct key
const client = new TensorOne({
apiKey: "tpo_live_...",
});
Security Best Practices
Never expose API keys in client-side code, public repositories, or logs.
✅ Do
- Store keys in environment variables
- Use least-privilege permissions
- Rotate keys regularly
- Monitor key usage
- Set expiration dates
- Use different keys for different environments
❌ Don’t
- Hardcode keys in source code
- Share keys via email or chat
- Use production keys in development
- Grant excessive permissions
- Ignore key rotation
Error Responses
401 Unauthorized
{
"error": "UNAUTHORIZED",
"message": "Invalid or missing API key",
"code": 401
}
403 Forbidden
{
"error": "FORBIDDEN",
"message": "API key lacks required permissions",
"code": 403,
"required_permission": "endpoints:write"
}
429 Rate Limited
{
"error": "RATE_LIMITED",
"message": "API key rate limit exceeded",
"code": 429,
"retry_after": 60
}
Key Scopes
Restrict API keys to specific resources:
accounts: Account managementclusters: GPU cluster operationsendpoints: Serverless endpointstraining: Model training jobsbilling: Payment and usage dataai: AI service accesswebhooks: Webhook management
Testing Authentication
Verify your API key works:
curl -X GET "https://api.tensorone.ai/v2/auth/verify" \
-H "Authorization: Bearer YOUR_API_KEY"
{
"valid": true,
"key_id": "key_1234567890",
"permissions": ["read", "write"],
"scopes": ["endpoints", "clusters"],
"expires_at": "2024-12-31T23:59:59Z"
}
