Server-side authentication

Use long-lived API Keys to authenticate server-side backend applications.

Client-side authentication

Use short-lived JWT tokens to authenticate client-side frontend applications.

Get your API credentials

To get your API credentials, create an Application in the Propel Console with DATA_POOL_QUERY and METRIC_QUERY scopes so they can access your data.

If you are using the Management API, you need an Application with ADMIN scope.

For step-by-step instructions, see the Creating an Application guide.

Server-side authentication

Authenticate server-side applications using an Application ID and secret as HTTP Basic Authentication credentials.

Use the Application ID as username and secret as password in the HTTP Basic Authorization header:

Client-side authentication

Authenticate client-side frontend applications using short-lived JWT tokens. This involves a two-step process:

1

Generate a JWT token

Make a POST request to the Token API endpoint with your Application credentials from secure backend code.

Replace $APPLICATION_ID and $APPLICATION_SECRET with your Application’s clientId and secret.

The response includes:

{
  "access_token": "eyJra...",
  "expires_in": 3600,
  "token_type": "Bearer"
}
2

Make an authenticated request

Once you’ve received an access token, your application makes API requests by including the Authorization header with your access token.

Error handling

Was this page helpful?

OverviewSQL API