Authentication – NIZU Cloud API

All requests to the NIZU Cloud API must be authenticated using API keys. This mechanism ensures secure and controlled access to your resources.

✅ How It Works

Each API request must include a valid API key in the request header. Without it, the API will reject the request with an authentication error.

Generating API Keys

You can generate and manage API keys directly from your NIZU Cloud Dashboard. We recommend creating one API key per external application, integration, or software vendor for better tracking, auditing, and revocation if needed.

• There is no limit to the number of API keys you can generate.

• Each key is uniquely tied to your account and grants access based on your current permissions.

• Keys can be revoked or regenerated at any time without affecting other active keys.

Best Practices

• Never share your API keys publicly or hard-code them into public repositories.

• Use environment variables or secure secrets management tools to store keys safely.

• Revoke unused keys regularly to maintain optimal security.

• Assign descriptive labels to each key to easily identify its purpose or integration.

  
  

  The key is used in the header as Token Bearer:

  
  

  Example:
  
  

  curl --location --request GET 'https://api.nizu.io/v2/' \

  --header 'Content-Type: application/json' \

  --header 'Authorization: Bearer MY_SUPER_LONG_TOKEN' \

  --data '{

  "module": "clients",

  "data":{}

  }'