Skip to main content

Tenants and API Keys

A tenant is the isolation boundary for Praeto Dispatcher. Every endpoint, event, delivery, attempt, usage record, and API key belongs to a tenant.

Tenant API keys

Tenant routes use bearer token authentication:
Authorization: Bearer praeto_live_xxxxxxxxxxxxxxxxx
Tenant API keys should be stored server-side only. Do not expose them in browsers, mobile apps, or customer-controlled code.

Admin API key

Admin routes use a separate admin key configured as a Cloudflare Worker secret:
npx wrangler secret put ADMIN_API_KEY
Admin routes include POST /v1/admin/tenants, POST /v1/admin/api-keys, and POST /v1/admin/retention/run.