Authentication
Authentication tokens are passed using an auth header, and are used to authenticate as a user or organization account with the API. In our documentation, we have several placeholders that appear between curly braces or chevrons, such as {API_KEY}
or <auth_token>
, which you will need to replace with one of your authentication tokens in order to use the API call effectively.
For example, when the documentation says:
curl -H 'Authorization: Bearer {TOKEN}' https://sentry.io/api/0/projects/
If your authentication token is 1a2b3c
, then the command should be:
curl -H 'Authorization: Bearer 1a2b3c' https://sentry.io/api/0/projects/
You can create authentication tokens within Sentry by creating an internal integration. This is also available for self-hosted Sentry.
Some API endpoints require an authentication token that's associated with your user account, rather than an authentication token from an internal integration. These auth tokens can be created within Sentry on the "User settings" page (User settings > User Auth Tokens) and assigned specific scopes.
The endpoints that require a user authentication token are specific to your user, such as List Your Organizations.
Some API endpoints may allow DSN-based authentication. This is generally very limited and an endpoint will describe if its supported. This works similar to Bearer token authentication, but uses your DSN (Client Key).
curl -H 'Authorization: DSN {DSN}' https://sentry.io/api/0/projects/
Note
API keys are a legacy means of authenticating. They will still be supported but are disabled for new accounts. You should use authentication tokens wherever possible.
API keys are passed using HTTP Basic auth where the username is your api key, and the password is an empty value.
As an example, to get information about the project which your key is bound to, you might make a request like so:
curl -u {API_KEY}: https://sentry.io/api/0/projects/
You must pass a value for the password, which is the reason the :
is present in our example.