Taiga

Authentication

How to authenticate requests to the Taiga Partner API.

All requests require a Bearer token in the Authorization header.

Authorization: Bearer tga_live_...

Include this header on every request. Requests without a valid key receive a 401 response:

{
  "error": "Invalid or missing API key"
}

Getting a key

  1. Have a Taiga admin invite your partner admin account to the Partner Portal.
  2. Sign in to the Partner Portal.
  3. Go to API Keys.
  4. Click New Key, add a label, and copy the key.

The full key is shown only once. If you lose it, revoke it and create a new one.

Key format

Keys use the format tga_live_ followed by 64 hex characters:

tga_live_49a37d09074fc6bec607f153c8a7d47a638646ff55d56a8e103165a02ab59b45

The first 16 characters (the prefix, e.g. tga_live_49a37d0) are visible in the portal so you can identify which key is which.

Multiple keys

You can create multiple keys per organization — useful for separating staging and production, or rotating keys without downtime:

  1. Create a new key in the portal.
  2. Update your backend to use the new key.
  3. Revoke the old key once traffic has migrated.

Key security

  • Never expose keys in client-side code or public repositories.
  • Store keys in environment variables or a secrets manager.
  • Rotate keys regularly — create a new key, migrate, then revoke the old one.
  • If a key is compromised, revoke it immediately in the portal and create a replacement.
  • Keys are hashed on our side — we cannot recover a lost key for you.

Scoping

API keys are scoped to your partner organization. A key can access all providers and sessions belonging to your organization, but cannot access other partners' data.

Machine access is supported only through bearer API keys. The Partner Portal itself uses a browser session for human admins, but API clients should always send Authorization: Bearer <api-key>.

On this page