API Authentication

Secure your API requests with Bearer token authentication.

Getting Your API Key

1. Go to Dashboard

Visit solcertup.com/dashboard/settings/api

2. Generate Key

Click "Generate New API Key" button

3. Copy & Secure

Save your key securely (shown only once)

4. Set Permissions

Configure read/write scopes and rate limits

Bearer Token Auth

Include your API key in the Authorization header:

bash
curl -X GET https://api.solcertup.com/v1/projects \
  -H "Authorization: Bearer YOUR_API_KEY_HERE" \
  -H "Content-Type: application/json"

Key Management

Best Practices

  • • Never commit keys to version control
  • • Use environment variables for keys
  • • Rotate keys quarterly
  • • Monitor usage for unauthorized access

Revoking Keys

Delete keys immediately if compromised via Dashboard

API Key Scopes

text
Scopes:
- read:projects    # Read project data
- read:verify      # Verify certifications
- read:api         # Access API reference
- write:audit      # Submit audit data (admin)
- write:projects   # Create/update projects (admin)

Request Multiple Scopes:
Authorization: Bearer YOUR_API_KEY (scopes: read:projects, read:verify)

Error Handling

json
// Invalid or missing key
{
  "error": "UNAUTHORIZED",
  "message": "Invalid API key provided",
  "statusCode": 401
}

// Expired key
{
  "error": "TOKEN_EXPIRED",
  "message": "Your API key has expired",
  "statusCode": 401
}

// Insufficient permissions
{
  "error": "FORBIDDEN",
  "message": "API key lacks required scopes for this endpoint",
  "statusCode": 403
}