API-ID

Authentication

The authentication scheme that the InfraSonar API makes use of is "Bearer authentication".

Bearer Authentication

Bearer authentication (also called token authentication) is an HTTP authentication scheme that involves security tokens called bearer tokens. The name “Bearer authentication” can be understood as “give access to the bearer of this token.” The client must send this token in the Authorization header when making requests to the InfraSonar API:

Authorization: Bearer <token>

Creating a token

Infrasonar supports two types of tokens:

User tokens

User tokens are bound to an user and can be used to automated actions as the user issuing the token.

Warning

This token has the same privileges as the user!

User can be valuable for scripts or integrations that require access to multiple containers.

Container tokens

Container tokens can be used to give granular access to a specific container.

User tokens

Follow these steps below to create and add a token to your user account.

Open the "My access" dialog by clicking on the My access button in the account menu.
Navigate to the tokens tab and click on the + button.
Enter a useful description and click on the Create button to add the token to your account.

Container tokens

Tip

We strongly suggest setting up separate tokens when possible.

Container tokens are also required for agentcore and agent authentication.

Navigate to the container you want to create a token for.
Click the tokens icon in the left hand menu.
Click the Add token button.
Give the token a identifiable name and provide just enough access
observe we added some shorcuts to create access tokens for agentcores and probes
Click Save, enter a reason and click confirm
Reopen the just created token and copy the ID.

Rules

User who have the de container Access flag set can create container tokens.
A user can not grant more access permissions to a token then he or she already has.