Sign In

Authentication

All API requests require authentication via an API key. Keys are created in the Tracore dashboard and are tied to your user account.

API keys

API keys are prefixed with dsk_ for easy identification. Store them securely and never commit them to version control.

Using the SDK

Pass your API key when creating a client instance:

import { TracoreClient } from "@tracore/sdk";

const client = new TracoreClient({
  apiKey: process.env.TRACORE_API_KEY!,
});

Using HTTP directly

Include the key in the x-api-key header:

curl https://api.tracore.io/workspaces \
  -H "x-api-key: dsk_your_api_key_here"

Best practices

  • Use environment variables. Never hard-code API keys in source code. Use TRACORE_API_KEY or a similar variable name.
  • Rotate keys regularly. You can create multiple keys and revoke old ones from the dashboard.
  • Use separate keys per environment. Create distinct keys for development, staging, and production so you can revoke them independently.
  • Restrict access. Only share keys with services that need them. Treat them like passwords.