Page cover image

Authentication

The Travu API uses API keys to identify and authenticate requests. You can always find your keys at the Travu Office after complete Onboarding (Getting started here). Note that you will not be needing to pass an PI Keys for the demo environment.

Your API keys carry many privileges, so be make sure you keep them secure. Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, etc.

Authorization to the API is performed through the Bearer Token Type Authentication scheme. To authorize requests, select the authentication section, select Bearer Token as Type, then include your token bearer API key into the Token field.

API requests without authentication will fail with the below response:

{
    "status": 401,
    "message": "Missing authorization key"
}

API calls made with a wrong/invalid Token will also be rejected with the below response:

{
    "status": 401,
    "message": "Invalid authorization key provided"
}

API calls made with a Token belonging to a banned/restricted Travu Business account will also be rejected with the below response:

{
    "status": 401,
    "message": "This account has been blocked"
}

Last updated