Authentication

EdLog uses API keys for authentication. Each project has its own unique API key that must be included in all requests to send events or access project data.

Getting Your API Key

  1. Log in to your EdLog account
  2. Navigate to Project Groups
  3. Select your project
  4. Click Settings or API Key
  5. Copy the API key shown

Important: Keep your API keys secure. Treat them like passwords.

Using API Keys

Include your API key in the Authorization header of every request: 

Authorization: Bearer YOUR_API_KEY

Example Request

curl -X POST https://your-edlog-domain.com/api/v1/webhooks \
  -H "Authorization: Bearer your_api_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "project_key": "api-server",
    "type": "deployment",
    "name": "deploy_started",
    "timestamp": "2024-01-15T10:30:00Z",
    "attributes": {
      "version": "v1.2.3"
    }
  }'

Security Best Practices

  • Use Environment Variables

    Store API keys in environment variables, not in your code: 

    export EDLOG_API_KEY="your_api_key_here"
  • Never Commit Keys

    Add .env files to .gitignore to prevent accidental commits

  • Use Different Keys Per Environment

    Create separate projects for development, staging, and production

  • Rotate Keys Regularly

    Regenerate API keys periodically or if compromised

  • Restrict Key Scope

    Each project key only has access to its own data

Regenerating API Keys

If your API key is compromised or you need to rotate keys:

  1. Go to your project settings
  2. Click Regenerate API Key
  3. Confirm the action
  4. Copy the new API key
  5. Update all applications using the old key

Warning: The old key will stop working immediately after regeneration.

Authentication Errors

Common Error Responses

Missing API Key:

{
  "error": {
    "code": "authentication_required",
    "message": "API key is required"
  }
}
Status: 401 Unauthorized

Invalid API Key:

{
  "error": {
    "code": "invalid_api_key",
    "message": "The provided API key is invalid"
  }
}
Status: 401 Unauthorized

Project Not Found:

{
  "error": {
    "code": "project_not_found",
    "message": "No project found with the provided key"
  }
}
Status: 404 Not Found

Testing Authentication

Test your API key with a simple health check: 

curl -H "Authorization: Bearer YOUR_API_KEY" \
     https://your-edlog-domain.com/api/v1/health

Expected response:

{
  "status": "ok",
  "project": "api-server",
  "timestamp": "2024-01-15T10:30:00Z"
}

Next Steps