Authentication
Authenticate API requests using Bearer tokens. API keys are scoped to specific permissions and tied to your instance.
API Keys
Generate API keys from your dashboard under Settings → API Keys. Each key has:
- A unique key ID (prefix snk_live_ for production, snk_test_ for sandbox)
- Assigned scopes controlling what the key can access
- Optional expiration date
- Activity log showing last used time and IP
Using Your API Key
Include the key in the Authorization header of every request:
curl -H "Authorization: Bearer snk_live_xxxxxxxxxxxxxxxxxxxx" \
https://api.sentinelnerd.com/v1/events
Warning
Never expose API keys in client-side code, Git repositories, or public URLs. Treat API keys like passwords. If a key is compromised, revoke it immediately from the dashboard.
Scopes
API keys are granted specific scopes that control access:
| Scope | Access | Description |
|---|---|---|
| events:read | Read | Query and search events |
| events:write | Write | Submit custom events |
| rules:read | Read | List and view detection rules |
| rules:write | Write | Create, update, and delete rules |
| alerts:read | Read | List and view alerts |
| alerts:write | Write | Acknowledge, resolve, and manage alerts |
| response:execute | Execute | Trigger active response actions |
| admin | Full | Full access to all API endpoints |
Least privilege
Always use the minimum scopes needed. A monitoring dashboard only needs events:read and alerts:read. A CI/CD pipeline deploying rules needs rules:read and rules:write.
API Key Management
POST /v1/api-keys
Create a new API key with specified scopes.
| Parameter | Type | Required | Description |
|---|---|---|---|
| name | string | Required | Human-readable name for the key |
| scopes | string[] | Required | Array of scope strings |
| expires_at | ISO 8601 | Optional | Expiration date (default: never) |
Create API Key
curl -X POST https://api.sentinelnerd.com/v1/api-keys \
-H "Authorization: Bearer snk_live_admin_key" \
-H "Content-Type: application/json" \
-d '{
"name": "Monitoring Dashboard",
"scopes": ["events:read", "alerts:read"],
"expires_at": "2026-01-01T00:00:00Z"
}'
Response
{
"data": {
"id": "key_abc123",
"name": "Monitoring Dashboard",
"key": "snk_live_xxxxxxxxxxxxxxxxxxxx",
"scopes": ["events:read", "alerts:read"],
"expires_at": "2026-01-01T00:00:00Z",
"created_at": "2025-01-15T14:32:01Z"
}
}
Warning
The full API key is only shown once at creation time. Store it securely. If lost, you'll need to create a new key.
GET /v1/api-keys
List all API keys for the current instance.
DELETE /v1/api-keys/:id
Revoke an API key immediately. All requests using this key will return 401.
Token Rotation
We recommend rotating API keys periodically:
- Create a new key with the same scopes
- Update your applications to use the new key
- Verify the new key is working
- Revoke the old key
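The four rotation steps above as one function, written as an added example (not SentinelNerd's own client code). It assumes any 2xx status means success, that the create response has the shape shown under Create API Key, and that probe_path is a read endpoint the new key's scopes allow (for example /events with events:read); rotate_key, http_send, store and probe_path are hypothetical names.

```python
import json
import urllib.error
import urllib.request

API = "https://api.sentinelnerd.com/v1"  # base URL used in the page's curl examples


def http_send(method, path, key, body=None):
    """Send one Bearer-authenticated request; return (status, parsed JSON or None)."""
    data = json.dumps(body).encode() if body is not None else None
    headers = {"Authorization": f"Bearer {key}", "Content-Type": "application/json"}
    req = urllib.request.Request(API + path, data=data, method=method, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            raw = resp.read()
            return resp.status, (json.loads(raw) if raw else None)
    except urllib.error.HTTPError as err:
        return err.code, None


def rotate_key(admin_key, old_id, name, scopes, probe_path, store, send=http_send):
    """Create, deploy, verify, then revoke. Returns the new key's ID.

    store(secret) is the caller's hook that writes the new key to wherever the
    application reads it (hypothetical; e.g. a secret manager). The old key is
    revoked only after the new key has answered a real request.
    """
    # Step 1: create a new key with the same scopes (needs a key allowed to manage keys).
    status, resp = send("POST", "/api-keys", admin_key, {"name": name, "scopes": scopes})
    if not 200 <= status < 300 or not resp:  # assumption: any 2xx means created
        raise RuntimeError(f"create failed: HTTP {status}")
    new = resp["data"]
    if sorted(new["scopes"]) != sorted(scopes):
        raise RuntimeError(f"{new['id']}: granted scopes differ from requested")

    # Step 2: hand the secret to the application. It is shown only once, so it
    # goes straight to storage and is never logged or returned.
    store(new["key"])

    # Step 3: verify with the new key itself against an endpoint its scopes allow.
    status, _ = send("GET", probe_path, new["key"])
    if status != 200:
        # Old key stays valid so the caller can roll back; report the ID, not the secret.
        raise RuntimeError(f"{new['id']} failed verification: HTTP {status}; old key kept")

    # Step 4: revoke the old key; its requests return 401 from now on.
    status, _ = send("DELETE", f"/api-keys/{old_id}", admin_key)
    if not 200 <= status < 300:
        raise RuntimeError(f"revoke of {old_id} failed: HTTP {status}")
    return new["id"]
```

If verification fails, the new key still exists on the server and should be revoked by ID once the application has been pointed back at the old key.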