Dashboard

Authentication

All API requests require authentication via an API key. Create one in the Tracore dashboard under Profile → API keys; keys are tied to your user account and work across all your workspaces. To restrict a key to a single workspace and environment, create it from that schema’s settings instead.

API keys

API keys are prefixed with dsk_ for easy identification. Store them securely and never commit them to version control.

Using the SDK

Pass your API key when creating a client instance:

import { TracoreClient } from '@tracore/sdk';

const client = new TracoreClient({
  apiKey: process.env.TRACORE_API_KEY!,
});

Using HTTP directly

Include the key in the x-api-key header:

curl https://api.tracore.io/workspaces \
  -H "x-api-key: dsk_your_api_key_here"

Best practices

  • Use environment variables. Never hard-code API keys in source code. Use TRACORE_API_KEY or a similar variable name.
  • Rotate keys regularly. You can create multiple keys and revoke old ones from the dashboard.
  • Use separate keys per environment. Create distinct keys for development, staging, and production so you can revoke them independently.
  • Restrict access. Only share keys with services that need them. Treat them like passwords.