API Authentication

AI for Database uses API keys for server-to-server authentication and OAuth 2.0 for user-facing integrations.

API Keys

Generate API keys in Settings > API Keys. Each key is a long-lived secret that authenticates requests on behalf of your organization.

Creating a key:

  1. Click New API Key
  2. Give it a descriptive name (e.g., "Production Backend", "CI Pipeline")
  3. Select a scope: Read (queries and dashboards only) or Full Access (all operations)
  4. Optionally set an expiration date
  5. Copy the key immediately -- it is only shown once

Using the key:

bash
curl -X POST https://api.aifordatabase.com/v1/queries \
  -H "Authorization: Bearer afdb_live_abc123..." \
  -H "Content-Type: application/json" \
  -d '{"question": "How many users signed up today?"}'

Key prefixes:

  • afdb_live_ -- production keys
  • afdb_test_ -- test keys (limited to test connections)

OAuth 2.0

For applications that act on behalf of a user (e.g., embedded dashboards, third-party integrations), use the OAuth 2.0 authorization code flow.

1. Register your application in Settings > Developer > OAuth Apps. You receive a client ID and client secret.

2. Redirect users to authorize:

https://app.aifordatabase.com/oauth/authorize?
  client_id=your_client_id&
  redirect_uri=https://yourapp.com/callback&
  response_type=code&
  scope=queries:read%20dashboards:read

3. Exchange the code for tokens:

http
POST https://app.aifordatabase.com/oauth/token
Content-Type: application/x-www-form-urlencoded

grant_type=authorization_code&
code=auth_code_here&
client_id=your_client_id&
client_secret=your_client_secret&
redirect_uri=https://yourapp.com/callback

4. Use the access token:

bash
curl -H "Authorization: Bearer access_token_here" \
  https://api.aifordatabase.com/v1/queries

Token Scopes

Scope                Description
queries:read         Run queries and view results
queries:write        Save and delete queries
dashboards:read      View dashboards
dashboards:write     Create and modify dashboards
workflows:read       View workflows
workflows:write      Create and manage workflows
connections:manage   Add and modify database connections
team:manage          Manage team members and roles

Security Best Practices

  • Store API keys in environment variables, never in code.
  • Use the narrowest scope necessary.
  • Rotate keys periodically and revoke unused keys.
  • Use test keys for development and staging environments.
  • Monitor key usage in Settings > API Keys > Activity Log.
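
One way to enforce the first and fourth practices above in application code and in CI, as an added example that is not part of the AI for Database documentation or SDK. The AFDB_API_KEY and APP_ENV variable names and the key format after the documented prefixes are assumptions.

```python
import os
import re

# The afdb_live_/afdb_test_ prefixes come from the page. The character set and
# minimum length after the prefix are assumptions made for this example.
KEY_PATTERN = re.compile(r"\bafdb_(live|test)_[A-Za-z0-9]{8,}")


def load_api_key(environ=os.environ):
    """Read the key from the environment; refuse a live key outside production."""
    key = environ.get("AFDB_API_KEY", "")            # hypothetical variable name
    app_env = environ.get("APP_ENV", "development")  # hypothetical variable name
    if not KEY_PATTERN.fullmatch(key):
        raise RuntimeError("AFDB_API_KEY is unset or does not look like an afdb_ key")
    if key.startswith("afdb_live_") and app_env != "production":
        raise RuntimeError(f"live key refused in {app_env!r}; use an afdb_test_ key")
    return key


def find_hardcoded_keys(text):
    """Return (line_number, key_type, redacted_key) for every key literal in text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in KEY_PATTERN.finditer(line):
            # Keep the prefix plus four characters so the finding can be
            # matched to a key without reprinting the whole secret.
            findings.append((lineno, match.group(1), match.group(0)[:14] + "..."))
    return findings


# Constructed sample source file; the key values are made up.
SAMPLE_SOURCE = '''\
import os
API_KEY = "afdb_live_EXAMPLE0000000000"
TEST_KEY = "afdb_test_EXAMPLE1111111111"
SAFE_KEY = os.environ["AFDB_API_KEY"]
'''

if __name__ == "__main__":
    for lineno, key_type, redacted in find_hardcoded_keys(SAMPLE_SOURCE):
        print(f"line {lineno}: hardcoded {key_type} key {redacted}")
```

Run find_hardcoded_keys over staged files in a pre-commit hook or CI job, and call load_api_key once at service start-up so a misconfigured environment fails before any request is sent.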