Core Concepts8 min read

Authentication

Learn how to authenticate with Gravitre using API keys, OAuth, or SSO. Secure your integrations with best practices.

Authentication Methods

Gravitre supports multiple authentication methods:

- **API Keys**: For server-to-server communication - **OAuth 2.0**: For user-authorized integrations - **SSO**: SAML and OIDC for enterprise single sign-on

API Keys

Generate API keys from Settings > API Keys. Each key can be scoped to specific permissions and workspaces.

// Using API keys
const gravitre = new Gravitre({
  apiKey: process.env.GRAVITRE_API_KEY,
  orgId: process.env.GRAVITRE_ORG_ID
});

// Or with HTTP headers
fetch('https://api.gravitre.com/v1/workflows', {
  headers: {
    'Authorization': 'Bearer YOUR_API_KEY',
    'X-Org-Id': 'YOUR_ORG_ID'
  }
});

OAuth 2.0

For applications that need to act on behalf of users, use OAuth 2.0 authorization code flow.

// OAuth authorization URL
const authUrl = `https://auth.gravitre.com/oauth/authorize?
  client_id=YOUR_CLIENT_ID&
  redirect_uri=YOUR_REDIRECT_URI&
  response_type=code&
  scope=workflows:read workflows:write`;

// Exchange code for tokens
const tokens = await gravitre.oauth.exchangeCode(code);

SSO Configuration

Enterprise customers can configure SSO with SAML 2.0 or OpenID Connect. Contact support to enable SSO for your organization.

PreviousArchitecture NextWorkspaces

Need more help?

Can't find what you're looking for? Our team is here to help.

Contact Support GitHub