Authentication

Unizo uses API key authentication for all requests. You'll need to include your API key in the Authorization header of every request.

Getting Your API Key

1. Sign up for a Unizo account at app.unizo.ai
2. Navigate to the API Keys section in your dashboard
3. Create a new API key with the appropriate scopes
4. Copy your API key and store it securely

Keep Your API Key Secret

Never expose your API key in client-side code, public repositories, or logs. Always store it as an environment variable or in a secure configuration management system.

Making Authenticated Requests

Include your API key in the Authorization header using the Bearer token format:

curl -H "Authorization: Bearer your_api_key_here" \
     -H "Content-Type: application/json" \
     https://api.unizo.ai/v1/connectors

Environment Variables

We recommend storing your API key as an environment variable:

export UNIZO_API_KEY="your_api_key_here"

Then reference it in your code:

JavaScript

const UNIZO_API_KEY = process.env.UNIZO_API_KEY;

const response = await fetch('https://api.unizo.ai/v1/connectors', {
  headers: {
    'Authorization': `Bearer ${UNIZO_API_KEY}`,
    'Content-Type': 'application/json'
  }
});

Python

import os
import requests

UNIZO_API_KEY = os.getenv('UNIZO_API_KEY')

headers = {
    'Authorization': f'Bearer {UNIZO_API_KEY}',
    'Content-Type': 'application/json'
}

response = requests.get('https://api.unizo.ai/v1/connectors', headers=headers)

cURL

curl -H "Authorization: Bearer $UNIZO_API_KEY" \
     -H "Content-Type: application/json" \
     https://api.unizo.ai/v1/connectors

API Key Scopes

When creating an API key, you can limit its access to specific scopes:

• connectors:read - Read connector configurations
• connectors:write - Create and update connectors
• ticketing:read - Read tickets from connected services
• ticketing:write - Create and update tickets
• source-code:read - Read repositories and code
• source-code:write - Create repositories and push code
• communications:write - Send messages and notifications

Use Minimal Scopes

Follow the principle of least privilege by only granting the scopes your application actually needs.

Testing Your Authentication

You can test your API key by making a request to the health endpoint:

curl -H "Authorization: Bearer $UNIZO_API_KEY" \
     https://api.unizo.ai/v1/health

Expected response:

{
  "status": "ok",
  "timestamp": "2024-01-01T12:00:00Z",
  "version": "1.0.0"
}

Error Responses

If authentication fails, you'll receive a 401 Unauthorized response:

{
  "error": "unauthorized",
  "message": "Invalid or missing API key",
  "code": "INVALID_API_KEY"
}

Common authentication errors:

• Missing Authorization Header: Include Authorization: Bearer your_api_key
• Invalid API Key: Check that your API key is correct and hasn't been revoked
• Insufficient Scope: Ensure your API key has the required scopes for the endpoint

Next Steps

Now that you have authentication set up, you can:

• Make your first API call
• Explore the API reference
• Set up webhooks