API Authentication
Trainwave provides secure authentication for API access. This guide covers everything you need to know about authenticating your API requests.
Quick Start
# Generate an API token in the dashboard
# Then use it in your requests:
curl -H "Accept: application/json" \
-H "X-API-KEY: your-api-key" \
https://backend.trainwave.ai/api/v1/jobs/Generating an API Token
- Log in to the Trainwave dashboard
- Navigate to Settings → API Tokens
- Click “Generate New Token”
- Set a descriptive name
- Copy the token immediately — it won’t be shown again
Using API Keys
Include your token in the X-API-KEY header:
# Python example
import requests
headers = {
"Accept": "application/json",
"X-API-KEY": "your-api-key"
}
response = requests.get(
"https://backend.trainwave.ai/api/v1/jobs/",
headers=headers
)// JavaScript example
const response = await fetch("https://backend.trainwave.ai/api/v1/jobs/", {
headers: {
Accept: "application/json",
"X-API-KEY": "your-api-key",
},
});Security Best Practices
- Store API keys in environment variables, not in source code
- Use different keys for different environments (development, staging, production)
- Rotate keys regularly
- Never share keys between team members — generate individual keys per person or service
Example using environment variables:
import os
API_KEY = os.getenv("TRAINWAVE_API_KEY")
if not API_KEY:
raise ValueError("TRAINWAVE_API_KEY environment variable is required")Key Rotation
# Set a new token via the CLI
wave auth set-token new-token-valueRevoke old tokens from the tokens dashboard.
Troubleshooting
Invalid API Key
{
"success": false,
"error": {
"code": "invalid_api_key",
"message": "The provided API key is invalid or expired"
}
}Verify your token is correct and has not been revoked in the dashboard.
Rate Limit Exceeded
{
"success": false,
"error": {
"code": "rate_limit_exceeded",
"message": "Too many requests"
}
}Implement exponential backoff in your client when you receive 429 responses.