Command Palette
Search for a command to run...

Authentication

Authenticate requests to the Notra API using API keys.

reference · beginner · 6m
gilt für notra-api, typescript
von Dominik K. ·

Notra API requests are authenticated with API keys.

How It Works

curl -H "Authorization: Bearer YOUR_API_KEY" \  "https://api.usenotra.com/v1/posts"
const response = await fetch("https://api.usenotra.com/v1/posts", {  headers: {    Authorization: `Bearer ${process.env.NOTRA_API_KEY}`,  },});const data = await response.json();console.log(data);
import { Notra } from "@usenotra/sdk";const notra = new Notra({  bearerAuth: process.env["NOTRA_BEARER_AUTH"] ?? "",});const result = await notra.content.listPosts();console.log(result);
Name Type Scheme Environment Variable
bearerAuth http HTTP Bearer NOTRA_BEARER_AUTH

Create an API Key

  1. Open your workspace dashboard.
  2. Go to API Keys under Developer.
  3. Click Create API Key.
  4. Choose a name, resource permissions, and optional expiration.
  5. Copy the key and store it securely.

API Keys page in the Notra dashboard

API Keys page in the Notra dashboard

API keys are powered by Unkey.

Permissions

API keys can be scoped per resource. Grant Read when a key only needs to fetch data, Write when it needs to create, update, or delete that resource, and None when the key should not access the resource.

Available resources:

  • Posts
  • Brand identities
  • Integrations
  • Schedules
  • Chats
  • Skills

Legacy keys with the older api.read and api.write permissions continue to work. New keys use the resource-specific scopes.

Error Handling

const response = await fetch("https://api.usenotra.com/v1/posts", {  headers: { Authorization: `Bearer ${process.env.NOTRA_API_KEY}` },});if (!response.ok) {  const error = await response.json();  console.error(error.error); // e.g. "Missing or invalid API key"}
import { Notra } from "@usenotra/sdk";import * as errors from "@usenotra/sdk/models/errors";const notra = new Notra({  bearerAuth: process.env["NOTRA_BEARER_AUTH"] ?? "",});try {  const result = await notra.content.listPosts();  console.log(result);} catch (error) {  if (error instanceof errors.NotraError) {    console.log(error.message);    console.log(error.statusCode);    console.log(error.body);  }}

Security Best Practices

Warning

Treat API keys as secrets. Do not expose them in client-side code, public repositories, or logs.

Tip

Store your key in a server-side environment variable such as NOTRA_BEARER_AUTH and make requests from your backend whenever possible.

If a key is exposed, delete it immediately by going to API Keys under the Developer section of your dashboard sidebar.

Hat das auf deinem Setup funktioniert?

Noch nicht bewertet