Authentication
Authenticate with the Kubiya REST API
Authentication
The Kubiya API uses API keys for authentication. All API requests must include a valid API key in the Authorization header.
Get current user info
Create API token
Getting an API Key
API keys can be generated from the Kubiya web interface:
- Log in to your Kubiya account
- Navigate to Settings > API Keys
- Click Create New Key
- Give your key a name and select the appropriate permissions
- Click Generate Key
- Copy the key immediately, as it will only be shown once
You can also generate an API key using the CLI:
Using Your API Key
Include your API key in the Authorization header of each API request:
Note that unlike many other APIs, Kubiya uses the UserKey prefix instead of Bearer for API keys.
Example Request
API Endpoints
The base URL for all API endpoints is:
Note that the actual API version path may differ from what you see in response URLs.
API Key Best Practices
For production environments, we recommend following these best practices:
- Use API keys with the minimal required permissions
- Store keys securely (e.g., in environment variables or a secrets manager)
- Rotate keys regularly
- Monitor key usage for suspicious activity
- Revoke keys immediately if they are compromised
Example Authentication Request
Error Responses
If authentication fails, you'll receive a 401 Unauthorized response:
Common authentication errors:
| HTTP Status | Error Description |
|---|---|
| 401 | Unauthorized - No API key provided or invalid key |
| 403 | Forbidden - The API key doesn't have sufficient permissions for the requested operation |
Next Steps
Now that you understand how to authenticate with the Kubiya API, you can explore other API endpoints:
- Agents (Teammates) - Manage AI teammates
- Sources - Manage tool sources
- Agentic Tools - Create and use tools
- Runners - Deploy and manage runners
- Knowledge - Manage knowledge sources
- Webhooks - Set up event notifications