Skip to main content

Authentication & Security

Secure your API connections with proper authentication methods.

API Keys

Generating API Keys

  1. Navigate to your Yellow.ai dashboard
  2. Go to Settings > API Keys
  3. Click "Generate New Key"
  4. Copy and securely store your key

Using API Keys

Include your API key in the Authorization header:

curl -H "Authorization: Bearer YOUR_API_KEY" \
     https://api.yellow.ai/v1/endpoint

OAuth 2.0

For enterprise applications, we recommend using OAuth 2.0:

Authorization Flow

  1. Authorization Request

    GET /oauth/authorize?client_id=YOUR_CLIENT_ID&response_type=code&redirect_uri=YOUR_REDIRECT_URI

  2. Token Exchange

    POST /oauth/token
    Content-Type: application/x-www-form-urlencoded

    grant_type=authorization_code&code=AUTHORIZATION_CODE&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET

Security Best Practices

  • Never expose API keys in client-side code
  • Use environment variables for sensitive data
  • Implement proper token refresh mechanisms
  • Monitor API usage and set up alerts