Tengine.AI
← Back to Dashboard

Authentication Guide

Learn how to authenticate with TengineAI APIs and manage your credentials securely.

API Key Authentication

All TengineAI API requests require authentication using your API key.

Basic Usage

Include your API key in the Authorization header:

curl -H "Authorization: Bearer YOUR_API_KEY" \
     https://app.tengine.ai/api/v1/projects

JavaScript Example

const response = await fetch('https://app.tengine.ai/api/v1/projects', {
  headers: {
    'Authorization': `Bearer ${apiKey}`,
    'Content-Type': 'application/json'
  }
});

Python Example

import requests

headers = {
    'Authorization': f'Bearer {api_key}',
    'Content-Type': 'application/json'
}

response = requests.get('https://app.tengine.ai/api/v1/projects', headers=headers)

API Key Management

Creating API Keys

  1. Via Dashboard

    • Log into your TengineAI Dashboard
    • Navigate to your project
    • Go to "API Keys" section
    • Click "Generate New Key"

  2. Via API

    curl -X POST https://app.tengine.ai/api/v1/projects/{project_id}/api-keys \
     -H "Authorization: Bearer YOUR_API_KEY" \
     -H "Content-Type: application/json" \
     -d '{
       "name": "My API Key",
       "permissions": ["read", "write"],
       "expires_at": "2024-12-31T23:59:59Z"
     }'

Key Permissions

API keys support granular permissions:

  • read: View projects, analytics, and settings
  • write: Create and update projects
  • admin: Full administrative access
  • webhook: Manage webhooks and integrations

Key Rotation

For security, rotate your API keys regularly:

  1. Generate New Key

    • Create a new key with the same permissions
    • Update your applications to use the new key

  2. Revoke Old Key

    • Delete the old key from your dashboard
    • Verify all applications are using the new key

OAuth Integration

Setting Up OAuth Providers

  1. Configure Provider

    • Go to your project settings
    • Navigate to "Integrations"
    • Click "Add OAuth Provider"

  2. Provider Setup

    • Choose your provider (Google, GitHub, etc.)
    • Enter client credentials
    • Configure scopes and permissions

OAuth Flow

// 1. Redirect user to authorization URL
const authUrl = `https://app.tengine.ai/api/v1/oauth/authorize?client_id=${clientId}&redirect_uri=${redirectUri}&scope=${scope}`;

// 2. Handle callback and exchange code for token
const tokenResponse = await fetch('https://app.tengine.ai/api/v1/oauth/token', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    code: authorizationCode,
    client_id: clientId,
    client_secret: clientSecret
  })
});

Security Best Practices

API Key Security

  • Never expose keys in client-side code
  • Use environment variables
  • Implement key rotation
  • Monitor key usage

Environment Variables

# .env file
TENGINE_API_KEY=your-api-key-here
TENGINE_SERVER_URL=https://api.tengineai.com

Key Storage

// ✅ Good: Server-side only
const apiKey = process.env.TENGINE_API_KEY;

// ❌ Bad: Client-side exposure
const apiKey = 'your-api-key-here';

Rate Limiting

Limits by Tier

  • Free: 100 requests/hour
  • Pro: 1,000 requests/hour
  • Enterprise: Custom limits

Handling Rate Limits

const response = await fetch(url, options);

if (response.status === 429) {
  const retryAfter = response.headers.get('Retry-After');
  await new Promise(resolve => setTimeout(resolve, retryAfter * 1000));
  // Retry request
}

Error Handling

Common Error Codes

  • 401 Unauthorized: Invalid or missing API key
  • 403 Forbidden: Insufficient permissions
  • 429 Too Many Requests: Rate limit exceeded
  • 500 Internal Server Error: Server error

Error Response Format

{
  "error": {
    "code": "INVALID_API_KEY",
    "message": "The provided API key is invalid",
    "details": {
      "field": "authorization",
      "value": "invalid_key"
    }
  }
}

SDK Authentication

JavaScript SDK

import { TengineAI } from '@tengineai/sdk';

const client = new TengineAI({
  apiKey: process.env.TENGINE_API_KEY
});

Python SDK

from tengineai import TengineAI

client = TengineAI(api_key=os.getenv('TENGINE_API_KEY'))

Webhook Authentication

Webhook Signatures

TengineAI signs webhook payloads for verification:

const crypto = require('crypto');

function verifyWebhookSignature(payload, signature, secret) {
  const expectedSignature = crypto
    .createHmac('sha256', secret)
    .update(payload)
    .digest('hex');
  
  return signature === expectedSignature;
}

Troubleshooting

Common Issues

"Invalid API Key"

  • Verify the key is correct
  • Check for extra spaces or characters
  • Ensure the key hasn't expired

"Insufficient Permissions"

  • Check key permissions in dashboard
  • Generate new key with required permissions
  • Verify you're using the correct project

"Rate Limit Exceeded"

  • Implement exponential backoff
  • Upgrade your plan for higher limits
  • Optimize your API usage

Debug Mode

Enable debug logging:

const client = new TengineAI({
  apiKey: process.env.TENGINE_API_KEY,
  debug: true
});

Next Steps

Need help with authentication? Contact our support team or check our Discord community.