Authentication - Solarecliente

Overview

The Solarecliente API uses API keys for authentication. You can generate and manage your API keys from the dashboard.

Keep your API keys secure and never share them publicly. Treat them like passwords.

Authentication Methods

API Key Authentication

Include your API key in the request header:

Authorization: Bearer YOUR_API_KEY

Example Request

curl -X GET https://api.solarecliente.com/v1/clients \
  -H "Authorization: Bearer sk_live_abc123xyz789" \
  -H "Content-Type: application/json"

API Key Types

Test Keys

Used for development and testing. Prefix: sk_test_

Live Keys

Used for production. Prefix: sk_live_

Generating API Keys

Log in to your Solarecliente dashboard
Navigate to Settings > API Keys
Click Generate New Key
Select the key type (Test or Live)
Assign appropriate permissions
Copy and securely store your key

API keys are only displayed once upon creation. Make sure to save them securely.

API Key Permissions

You can configure granular permissions for each API key:

Show Available Permissions

clients

string

Access level for client resources: read, write, delete

projects

string

Access level for project resources: read, write, delete

installations

string

Access level for installation resources: read, write, delete

invoices

string

Access level for invoice resources: read, write, delete

reports

string

Access level for reports: read, generate

Security Best Practices

Rotate Keys Regularly

Update your API keys periodically for enhanced security

Use Environment Variables

Store keys in environment variables, never in code

Restrict Permissions

Grant only the minimum required permissions

Monitor Usage

Review API key usage logs regularly

Error Responses

Missing Authentication

{
  "success": false,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "No API key provided"
  }
}

Invalid API Key

{
  "success": false,
  "error": {
    "code": "INVALID_API_KEY",
    "message": "The provided API key is invalid or has been revoked"
  }
}

Insufficient Permissions

{
  "success": false,
  "error": {
    "code": "FORBIDDEN",
    "message": "Your API key does not have permission to perform this action"
  }
}

Revoking API Keys

To revoke an API key:

Go to Settings > API Keys
Find the key you want to revoke
Click Revoke
Confirm the action

Revoking an API key immediately invalidates all requests using that key.

API

​Overview

​Authentication Methods

​API Key Authentication

​Example Request

​API Key Types

Test Keys

Live Keys

​Generating API Keys

​API Key Permissions

​Security Best Practices

Rotate Keys Regularly

Use Environment Variables

Restrict Permissions

Monitor Usage

​Error Responses

​Missing Authentication

​Invalid API Key

​Insufficient Permissions

​Revoking API Keys

Build docs developers (and LLMs) love

Overview

Authentication Methods

API Key Authentication

Example Request

API Key Types

Generating API Keys

API Key Permissions

Security Best Practices

Error Responses

Missing Authentication

Invalid API Key

Insufficient Permissions

Revoking API Keys