Ory Network API Authorization
Ory Network Project APIs are separated into:
- Ory Network Frontend APIs are used to interact with Ory Network projects, such as register users or checking login state.
- Ory Network Admin APIs are used to perform privileged operations on Ory Network projects, such as deleting users or creating permissions.
Ory Network Management APIs are used to manage Ory Network projects, such as creating a new project or changing settings.
Authorizing Ory Network Project Frontend APIs
Frontend APIs are used to interact with Ory Network projects from your frontend application and do not require any special authorization.
Authorizing Ory Network Project Admin APIs
API Keys are used to authorize privileged operations to Ory Network Project Admin APIs. For example, you must use an API Key to call the Admin API, which allows you to delete users.
API Keys work only in the context of the Project for which they were created. You create API Keys in the Ory Console.
Creating API Keys
Follow these steps to create API Keys for your Project:
- Go to Project settings → API Keys in the Ory Console.
- Click Create new API key
- Enter the API Key name and click Create
- Copy the created API Key
The API Key you created is displayed only once. When you close the prompt, you can't access the key again. Make sure to save the API Key before you close the prompt or reload the page.
API Keys are bound to an Ory Network project, and not to a specific user. This means that any user with access to the API Key can perform the operations that the API Key allows, even if they are no longer part of the project. Make sure to keep your API Keys secure and rotate them if necessary.
Usage
Use the API Key in API calls, SDK calls, or command-line interactions. Ory API Keys have a ory_apikey_
or ory_pat_
, which
makes it easy to identify them when analyzing code.
For example, when calling the Admin API at /admin/identities
, include the API Key in the Authorization
header:
GET /admin/identities HTTP/1.1
Host: $PROJECT_SLUG.projects.oryapis.com
Accept: application/json
Authorization: Bearer $API_KEY
Authorizing Ory Network Management APIs
Ory Network Management APIs are used to manage Ory Network projects, such as creating a new project or changing settings. At this time the only way to authorize Management APIs is by using a session cookie issued to you by the Ory Network Console. Please reach out to your support representative if you need help with this process.