API Authentication

The Turnix API uses Bearer tokens for authorization. These tokens can be created via the API Tokens section in your Turnix Console.

---

🔐 Overview

A Bearer token is a secure string that authenticates your application’s requests to the Turnix API. When making requests, you must include the following header:

Authorization: Bearer YOUR_ACCESS_TOKEN

Bearer tokens must be treated like passwords:

• Keep them confidential
• Never commit them to version control
• Store them securely (e.g., environment variables or secrets managers)

---

🎫 Obtaining API Tokens

1. Login to the Turnix Console
2. Navigate to your Project → API Tokens section
3. Click "Create new API Token"
4. Copy and store the token securely

Save your token

The token is only shown once - immediately after creation. Once the window is closed, it cannot be retrieved again. Be sure to copy and store it securely.

---

🧪 Using the Token

For any API request requiring authentication, add the following header:

Authorization: Bearer YOUR_ACCESS_TOKEN

Here’s an example showing a request using a Bearer token:

CURL

curl -X POST \
  https://turnix.io/api/v1/credentials/ice \
  -H 'Authorization: Bearer YOUR_API_BEARER_TOKEN' \
  -H 'Content-Type: application/json'

Ruby

require 'httparty'

response = HTTParty.post(
  "https://turnix.io/api/v1/credentials/ice",
  headers: {
    "Authorization" => "Bearer YOUR_API_BEARER_TOKEN"
  }
)

puts response.code      # HTTP status code
puts response.body      # Response body

Node.js

const fetch = require('node-fetch');

(async () => {
  try {
    const response = await fetch('https://turnix.io/api/v1/credentials/ice', {
      method: 'POST',
      headers: {
        'Authorization': 'Bearer YOUR_API_BEARER_TOKEN',
        'Content-Type': 'application/json'
      }
    });

    if (!response.ok) {
      throw new Error(`Request failed with status ${response.status}`);
    }

    const data = await response.json();
    console.log('Response:', data);
  } catch (error) {
    console.error('Error:', error.message);
  }
})();

Dart

import 'package:http/http.dart' as http;

final headers = <String, String>{
      'Authorization': 'Bearer $apiToken',
      'Accept': 'application/json',
      'Content-Type': 'application/json',
    };

final response = await http.post(
      Uri.parse("https://turnix.io/api/v1/credentials/ice"),
      headers: headers
    );

final body = json.decode(response.body) as Map<String, dynamic>;

Java

import java.net.http.*;
import java.net.URI;

HttpClient client = HttpClient.newHttpClient();

String apiToken = "YOUR_API_TOKEN";

HttpRequest request = HttpRequest.newBuilder()
    .uri(URI.create("https://turnix.io/api/v1/credentials/ice"))
    .header("Authorization", "Bearer " + apiToken)
    .header("Accept", "application/json")
    .header("Content-Type", "application/json")
    .POST(HttpRequest.BodyPublishers.noBody())
    .build();

HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());

System.out.println(response.body());

A valid token will authorize the request. Invalid or missing tokens will result in:

• 401 Unauthorized: Missing or malformed token
• 403 Forbidden: Token is valid but lacks required permissions