Skip to main content
To create an API token, go to the Settings & Billing → API Keys page on the dashboard. The key is shown to your only when it’s created. If you lose it, you’ll have to roll the key or create a new one.

Using your API key

When you create your API key, you will see it in the same section of your Dashboard. You can edit the key name, rotate the token, or delete the key entirely from here. To use your API key simply provide it as part of the authorization header when you make a request. Tokens use the bearer authorization header when you make a request. 
$ curl \
-s https://api.latitude.sh/user/profile \
-H "Authorization: Bearer YOUR_API_KEY_HERE" \

Read-only mode

Read-only API keys are limited to GET requests. Enable the Read-only toggle when creating or editing an API key.

IP access restrictions

You can restrict API key usage to specific IP addresses or CIDR ranges. Requests from IPs not on the allowlist will be rejected. To configure IP restrictions:
  1. Enable the Limited access toggle when creating or editing an API key
  2. Enter one or more IP addresses or CIDR ranges (e.g., 192.168.1.1 or 10.0.0.0/24)
  3. Click + to add additional IPs
Both IPv4 and IPv6 addresses are supported. Plain IP addresses are automatically converted to CIDR notation (IPv4 gets /32, IPv6 gets /128).

API keys should be kept private

API keys allow access to your private data in Latitude.sh. They should not be shared outside of your company. We cannot stress enough how important it is for you not to share your API keys with anyone. In case you suspect your API key has been leaked, you can rotate or delete it on the dashboard and this will revoke access to that key.