Authentication
Learn how to authenticate to use Hyperline’s API
The Hyperline API requires either an API key or an access token to identify and authorise calls. API keys are associated with a single Hyperline account, and an access token represents delegated access to a specific account (used for third-party app). You can have more than one token or key at any point in time.
Those tokens are able to authenticate to Hyperline and perform actions on your account so it’s important that you keep them safe in the same way that you would a password.
Manage API keys
How to generate an API key
Generating an API key is very simple and allow you to use Hyperline’s API or integration such as Zapier.
As a Hyperline’s admin:
- Go to your workspace Settings, section API
- Click on
+ New API key
- Add a name for this key, and select the appropriate scopes (in most cases you’ll need right/write accesses)
- Copy the key and it in a safe space, you won’t be able to see it later in Hyperline
API keys are prefixed either with prod_
or test_
to easily identify and
distinguish them between environments.
Using authentication token
API keys or access tokens must be provided with every API call, specified in the Authorization
header after a Bearer
prefix. All requests happen using HTTPS.
For example:
curl -H "Authorization: Bearer <API key or access token>" https://api.hyperline.co/v1/customers
We also support HTTP Basic Authentication, where the username
is the API key
and the password
is left blank, but we recommend using Bearer Authentication
because it’s simpler for debugging.
Keeping your data safe
Your API keys should be treated as highly sensitive information - think of a token like a password. You should only give tokens to services you fully trust.
If leaked, tokens could be used maliciously - they can provide someone with access to all of your Hyperline data. If you suspect a token has been compromised, revoke it and replace it with a new one.
Tokens should never be shared with support teams or your customers.
Revoke a key
Workspace admins can permanently revoke tokens from the API Settings in Hyperline.
To revoke a token, click on the …
icon on the line of the key name, then Delete
to permanently delete it. A deleted key cannot be recovered.
Was this page helpful?