Flint
API Reference

Authentication

How to authenticate with the Flint API

Authentication

Secure your API requests with Flint's authentication system.

API Keys

API keys are used to authenticate requests to the Flint API. You can manage your API keys from the Flint dashboard.

Creating an API Key

  1. Navigate to SettingsAPI Keys in your dashboard
  2. Click Generate New Key
  3. Provide a descriptive name for the key
  4. Select the appropriate permissions
  5. Copy and securely store your key

API keys are only shown once. Store them securely and never commit them to version control.

Using Your API Key

Include your API key in the Authorization header of every request:

curl -X GET https://api.flint.com/documents \
  -H "Authorization: Bearer flint_live_abc123xyz789"

JavaScript Example

const response = await fetch('https://api.flint.com/documents', {
  headers: {
    'Authorization': 'Bearer flint_live_abc123xyz789',
    'Content-Type': 'application/json'
  }
});

Python Example

import requests

headers = {
    'Authorization': 'Bearer flint_live_abc123xyz789',
    'Content-Type': 'application/json'
}

response = requests.get(
    'https://api.flint.com/documents',
    headers=headers
)

API Key Types

Live Keys

  • Used in production environments
  • Full access to all API endpoints
  • Format: flint_live_*

Test Keys

  • Used for development and testing
  • Access to sandbox environment only
  • Format: flint_test_*

Security Best Practices

  1. Rotate keys regularly - Generate new keys every 90 days
  2. Use environment variables - Never hardcode keys in your application
  3. Restrict permissions - Grant only necessary permissions to each key
  4. Monitor usage - Review API key activity in your dashboard
  5. Use HTTPS - Always make requests over HTTPS

OAuth 2.0 (Enterprise)

Enterprise customers can implement OAuth 2.0 for more granular access control.

Authorization Flow

  1. Redirect users to Flint's authorization endpoint
  2. User grants permissions
  3. Receive authorization code
  4. Exchange code for access token
  5. Use access token for API requests

Contact your account manager for OAuth 2.0 setup instructions.

Troubleshooting

Invalid API Key

{
  "error": {
    "code": "INVALID_API_KEY",
    "message": "The provided API key is invalid or has been revoked"
  }
}

Solution: Verify your API key in the dashboard and ensure it hasn't been revoked.

Insufficient Permissions

{
  "error": {
    "code": "INSUFFICIENT_PERMISSIONS",
    "message": "This API key doesn't have permission to access this resource"
  }
}

Solution: Check the key's permissions in the dashboard or use a different key with appropriate access.

API Introduction

Getting started with the Flint API

Documents API

API endpoints for managing and processing documents

On this page

AuthenticationAPI KeysCreating an API KeyUsing Your API KeyJavaScript ExamplePython ExampleAPI Key TypesLive KeysTest KeysSecurity Best PracticesOAuth 2.0 (Enterprise)Authorization FlowTroubleshootingInvalid API KeyInsufficient Permissions