API Authentication
All Nullafi Shield API requests require authentication using API Keys as Bearer tokens.
Overview
API Keys provide secure, programmatic access to Shield's REST API endpoints. Each key acts as a Bearer token in the Authorization header and can be configured with specific permissions and expiration dates.
API Keys are shown only once at creation. Shield does not store the keys, so it is the administrator's responsibility to save them securely.
Authentication Method
Use the API Key as a Bearer token in the Authorization header:
No OAuth flows or client credentials are required. All authentication is handled through the single Bearer token.
Related Topics
- Generating API Keys - Step-by-step key creation guide
- Using API Keys - Integration examples and usage patterns
- Managing API Keys - Key rotation, deletion, and best practices
- Troubleshooting - Common authentication issues
For complete API endpoint documentation and interactive testing, access the Swagger UI:
The Swagger interface is accessible from the Admin Console via Configuration → API Keys → API Documentation.