Authentication - Drumtix

The Drumtix API uses API keys for authentication. Every request must include a valid key in the Authorization header.

Generating an API key

Go to Settings → API in your dashboard
Click Generate Key
Copy the key immediately — it is only shown once

Making authenticated requests

Pass your API key as a Bearer token in the Authorization header:

curl https://app.drumtix.com/api/v1/events \
  -H "Authorization: Bearer YOUR_API_KEY"

Key permissions

API keys have read access to all data within your organisation. Write operations (creating or modifying events) are not currently supported via the API.

Rotating a key

If your key is compromised:

Go to Settings → API
Click Revoke next to the key
Generate a new key
Update any integrations using the old key

Revoked keys are immediately invalidated — requests using them will return 401 Unauthorized.

Security

Store API keys in environment variables, not in source code
Never expose API keys in client-side JavaScript or public repositories
Rotate keys periodically as a security best practice

​Generating an API key

​Making authenticated requests

​Key permissions

​Rotating a key

​Security

Generating an API key

Making authenticated requests

Key permissions

Rotating a key

Security