secretKey), or using a personal access token (personalAccessToken). Both methods should only be used in a backend server, as they provide full access to the project.
There is a separate authentication strategy when making requests from your frontend application.
See the Realtime guide for more information. This guide is for backend usage
only.
runs.list function can be called using either a secretKey or a personalAccessToken, but the projectRef argument is required when using a personalAccessToken:
View endpoint support
View endpoint support
Consult the following table to see which endpoints support each authentication method.
| Endpoint | Secret key | Personal Access Token |
|---|---|---|
task.trigger | ✅ | |
task.batchTrigger | ✅ | |
runs.list | ✅ | ✅ |
runs.retrieve | ✅ | |
runs.cancel | ✅ | |
runs.replay | ✅ | |
envvars.list | ✅ | ✅ |
envvars.retrieve | ✅ | ✅ |
envvars.upload | ✅ | ✅ |
envvars.create | ✅ | ✅ |
envvars.update | ✅ | ✅ |
envvars.del | ✅ | ✅ |
schedules.list | ✅ | |
schedules.create | ✅ | |
schedules.retrieve | ✅ | |
schedules.update | ✅ | |
schedules.activate | ✅ | |
schedules.deactivate | ✅ | |
schedules.del | ✅ |
Secret key
Secret key authentication scopes the API access to a specific environment in a project, and works with certain endpoints. You can read our API Keys guide for more information.Personal Access Token (PAT)
A PAT is a token associated with a specific user, and gives access to all the orgs, projects, and environments that the user has access to. You can identify a PAT by thetr_pat_ prefix. Because a PAT does not scope access to a specific environment, you must provide the projectRef argument when using a PAT (and sometimes the environment as well).
For example, when uploading environment variables using a PAT, you must provide the projectRef and environment arguments:
Preview branch targeting
When working with preview branches, you may need to target a specific branch when making API calls. This is particularly useful for managing environment variables or other resources that are scoped to individual preview branches.- SDK
- cURL
To target a specific preview branch, include the
previewBranch option in your SDK configuration:DATABASE_URL environment variable specifically for the feature-xyz preview branch.
The
x-trigger-branch header is only relevant when working with the preview environment ({env} parameter set to preview). It has no effect when working with dev, staging, or prod
environments.SDK usage with preview branches
When using the SDK to manage preview branch environment variables, the branch targeting is handled automatically when you’re running in a preview environment with theTRIGGER_PREVIEW_BRANCH environment variable set. However, you can also specify the branch explicitly: