Traceway

Authentication

How to authenticate requests to the Traceway API.

Authentication

The API is not yet live. This page documents the planned authentication design.

API keys

Every Traceway project has one or more API keys. Keys are scoped to a single project — a key from Project A cannot submit reports to Project B.

Getting your API key

  1. Sign in at traceway.dev
  2. Navigate to your organization and open your project
  3. Go to Project Settings and select the SDK or API tab
  4. Copy the API key shown
Treat your API key like a password. Anyone with the key can submit issues to your project. Do not commit it to version control or expose it in client-side code that is publicly readable.

Sending the key

[PLACEHOLDER: Confirm the exact header name and format. Two likely options:

Option A — Bearer token:

Authorization: Bearer YOUR_API_KEY

Option B — Custom header:

X-API-Key: YOUR_API_KEY

Confirm from the API implementation which is correct and remove the other option.]

Key rotation

[PLACEHOLDER: Document how to rotate keys — whether the dashboard supports generating a new key, whether old keys are immediately invalidated, and what the recommended zero-downtime rotation process is.]

Error responses

Status Error Cause
401 unauthorized No API key provided
401 invalid_key API key is not recognised
403 forbidden Key is valid but does not have access to the requested resource

[PLACEHOLDER: Confirm these status codes and error strings match the actual API implementation.]

← Previous
SDK Overview
Next →
Installation
Privacy Policytraceway.dev© 2026 Traceway · v0.5.4

Heads up — under active development

Traceway, its SDKs across all platforms, and these docs are evolving fast. Some pages may be incomplete or out of date. Treat anything here as a snapshot, not a contract.