Reten Docs
API Keys

API Keys

API endpoints for managing API keys for programmatic access.

Overview

API keys provide an alternative authentication method for programmatic and service-to-service access to the Reten platform. Instead of using JWT tokens obtained through the login flow, clients can authenticate by sending an API key in the x-api-key header.

API keys are scoped to a specific user and tenant, and carry an explicit set of permissions (always a subset of the creator's permissions). Keys are stored as SHA-256 hashes — the plaintext key is only shown once at creation time.

Key properties

PropertyDescription
nameHuman-readable label for identifying the key
keyPrefixDisplay prefix (e.g., rtn_sk_a1b2c3d4) for identification without exposing the full key
permissionsExplicit list of permissions granted to this key
expiresAtOptional expiration date after which the key is rejected
lastUsedAtTimestamp of the last successful authentication with this key

Authentication with API keys

curl -X GET https://api.reten.ai/api/commerces \
  -H "x-api-key: rtn_sk_a1b2c3d4e5f6..." \
  -H "Content-Type: application/json"

When using an API key, the x-tenant-id header is not required — the tenant is resolved automatically from the key's associated tenant.

Endpoints

Create API Key

Generate a new API key with scoped permissions.

List API Keys

List all API keys for the current user and tenant.

Revoke API Key

Revoke an active API key.

Assignable Roles

Get roles that the current user can assign to other users.

Create API Key

Generate a new API key with scoped permissions for programmatic access.