Authentication

Amigo Authentication Process

Amigo utilizes a robust two-tiered authentication system to ensure secure access. Below is a detailed guide on how to interact with this system:

Step 1: User and Workspace Creation

Note: This part of the process will be handled for you by an Amigo repressentative.

Create a User: Begin by setting up a user profile within the desired workspace. This user profile will represent an individual or entity and hold specific privileges and access rights within Amigo.
Set Up a Workspace: Establish or join a workspace, which serves as a collaborative environment for you and others, providing a curated space for data and user activities.

Step 2: API Key Generation

After setting up the user and workspace, the next step is to create an API key. This key is a unique identifier that allows applications to access the workspace securely and perform operations based on the permissions granted to it. Keep this key secret to prevent unauthorized access.

Step 3: Authentication Token Creation

Use the generated API key to create an authentication token. This token acts as a pass, granting access to perform actions on behalf of the users it impersonates within Amigo. Tokens are essential for validation, allowing the system to authenticate requests and ensure they are performed by verified entities.

Final Notes

Security Best Practices: Always safeguard your API keys and authentication tokens. Limit their distribution and rotate them periodically to enhance security.
User Impersonation: Leverage the authentication token to carry out tasks simulating the identity of other users, as permitted by their roles and permissions.

A service account makes API Keys for using other services. When your organization is set up in Amigo, an Admin user is created for adding more users.

To confirm you're logged in as the Admin role, confirm that you can see the tag in the top right corner of the admin dashboard.

Generating API Keys

You have two options for generating API keys:

Option 1: Generate via Admin Dashboard

Log in to your service account
Navigate to https://<your-org-id>.amigo.ai/admin/settings
Click "Create API Key" and select a valid duration time.
Securely store the API key and key ID as they cannot be retrieved later

Option 2: Generate Programmatically (Recommended)

If you've made it this far, congrats! You should now be able to generate authentication tokens to impersonate any user in your organization. Note: API Keys cannot be used to impersonate users with more privilege than the creator of the api key.

Authentication Token Generation

Use the Sign in With API Key endpoint to get an authorization token to use for subsequent api calls.

API Key Rotation Best Practices

For enhanced security:

Create a new API key before the current one expires
Transition your applications to use the new key
Revoke the old key once transitions are complete
Automate this process to prevent authentication failures

PreviousEnterprise Integration Guide NextUser Creation + Management

Last updated 3 days ago

Was this helpful?

POST /v1/{organization}/organization/api_key/ HTTP/1.1 Host: api.amigo.ai Authorization: Bearer JWT Content-Type: application/json Accept: */* Content-Length: 58 { "duration": "text", "role_name": "DefaultAdministratorRole" }

Responses

200

Succeeded.

application/json

401

API key not found, is incorrect, or the requested user is not found.

404

Specified organization is not found.

422

Invalid request path parameter failed validation.

429

The user has exceeded the rate limit of 5 requests per minute for this endpoint.

503

The service is going through temporary maintenance.

201

400

The organization has reached the maximum API key limit.

Invalid authorization credentials.

403

Missing required permissions.

The specified organization or role does not exist.

Invalid request path parameter or request body failed validation.