Skip to main content

Overview

Authenticate Poolside API requests using Bearer tokens. The same authentication format applies to the OpenAI-compatible API and the Poolside API.
API keys are secrets. Store them securely and never commit them to source control.
Poolside supports two types of API keys: developer API keys and service account API keys.

Developer API keys

  • Linked to individual user accounts
  • Inherit the permissions of the user who created them
  • Managed at the user level
  • Tied to the lifecycle of the user account
  • Intended for individual development and testing workflows

Service account API keys

  • Linked to service accounts
  • Inherit the permissions of their team through role-based access control
  • Managed at the organization level
  • Remain active even if you remove the creator
  • Intended for automation and other non-interactive workflows
  • Audited like other identities

Create a developer API key for yourself

Prerequisites
  • You can access your Poolside deployment.
Steps
  1. Sign in to your Poolside deployment, for example: https://<your-api-domain>
  2. Click your username in the bottom left, then select Developer API Keys.
  3. Click New API Key.
  4. Enter a name for the API key.
  5. Click Create.
  6. Copy the generated key and store it securely.
The full API key value is shown only once. Store it securely.
API keys typically have a ps-xxxxx format.

Create a service account API key for a team in your organization

Prerequisites
  • You belong to a team with the tenant-admin role.
Steps
  1. In the Poolside Console, navigate to Security > https://mintcdn.com/poolside/Tz6xG1rOCu6JtFws/images/icons/key-icon.svg?fit=max&auto=format&n=Tz6xG1rOCu6JtFws&q=85&s=471edb89504a9e747e97caa541181d47 API Keys.
  2. Click New API Key.
  3. Select the team whose permissions the service account should inherit.
  4. Enter a name for the API key.
  5. Click Create.
  6. Copy the generated key and store it securely.
The full API key value is shown only once. Store it securely.
API keys typically have a ps-xxxxx format.
Use a service account API key for non-interactive automation, such as CI jobs, usage reporting, or identity management scripts. For user and team membership automation, create the API key for a service account that belongs to a team with the Provision Users with SCIM permission. See Identity Management API.

Use an API key

Use your API key with HTTP Bearer authentication. The following example uses curl to list all available models: 
curl --request GET \
  --url https://<api-domain>/openai/v1/models \
  --header 'Accept: application/json, application/problem+json' \
  --header 'Authorization: Bearer <api-key>'