env0 API authentication is done via API keys. An API Key can either be created by an organization administrator, in which case it will not be connected to any specific user, or via Personal API Keys to authenticate as a user.
Creating an API Key with a Specific Role
-
Once you've created your organization, you can set up and manage API Keys.
-
Navigate to the Organization Settings page and click the API Keys tab.
-
Click Add API Key and enter a name for your key in the Name field. This name is for reference purposes only and isn't used directly in authentication.
❗️Save Your API Key ID and secret
The secret will not be available after you close this window.
Creating a Personal API Key
-
Click on your avatar (located on the top right of the screen)
-
Click on Personal Settings
-
Select the API Keys tab
-
Click Add API Key, and enter a name for your key in the Name field.
This name is for reference purposes and isn't used directly in authentication.❗️Save your API Key ID & secret
The secret will not be available after you close this window.
Using an API Key to Authenticate
Authentication of the env0 API is done using the Basic Authentication method. Each request made should include the API Key ID as the username, and the API Key secret as the password. For example, when using curl, we can include these parameters via flag --user {API Key ID}:{API Key Secret}.
API Key Permissions
When creating an API key through the organization settings, you will need to choose if you’d like to grant it Organization Admin or User permissions. In case of the latter, you can assign fine-grained permissions per project. Personal API Keys can be created through the user’s profile page and will have the same permissions as the user has.