Authentication

Docs

Reference

Authentication

Secure your interactions with the MigrateClouds platform using our authentication methods.

Authentication is required for all MigrateClouds operations

Whether you're using our web interface, SDKs, or direct API calls, you'll need to authenticate to access your resources.

API Keys

API keys provide a simple way to authenticate with the MigrateClouds platform. Each key is unique to your account and grants access to resources based on your account permissions.

Generating an API Key

Navigate to your Account Settings in the MigrateClouds dashboard
Select the API Keys tab
Click Create New API Key
Enter a descriptive name for your key (e.g., "Development", "Production")
Select the appropriate scope for your key (see Permissions section below)
Click Generate Key

Important

Your API key will only be displayed once. Store it securely as you won't be able to retrieve it again. If you lose your key, you'll need to generate a new one.

Using Your API Key

Include your API key in the Authorization header of your HTTP requests:

Authorization: Bearer YOUR_API_KEY

Example request using cURL:

curl -X GET \
  https://api.migrateclouds.com/v1/files \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"

API Key Permissions

When creating an API key, you can specify one of the following permission scopes:

Read-only

Can only retrieve data and cannot make changes to your resources.

Ideal for monitoring applications and dashboards.

Read-write

Can retrieve data and make changes to your resources.

Suitable for most integration scenarios.

Admin

Full access to all operations, including account management.

Use with caution, only for trusted applications.

Custom

Granular control over specific operations and resources.

Best for applications that need limited access.

Managing API Keys

You can view, edit, and revoke your API keys from the API Keys tab in your Account Settings.

Rotating API Keys

For security, we recommend rotating your API keys periodically:

Generate a new API key with the same permissions
Update your applications to use the new key
Verify that everything works correctly
Revoke the old API key

Security Best Practices

Do

Store API keys in secure environment variables
Use different keys for different environments
Apply the principle of least privilege
Rotate keys periodically
Monitor key usage for suspicious activity

Don't

Hardcode API keys in your source code
Store API keys in public repositories
Share API keys between applications
Use the same key for development and production
Expose API keys in client-side code

Troubleshooting

Error	Cause	Solution
401 Unauthorized	Invalid or expired credentials	Check your API key or refresh your access token
403 Forbidden	Insufficient permissions	Request additional permissions or use a different API key
429 Too Many Requests	Rate limit exceeded	Implement backoff strategy and reduce request frequency
400 Bad Request	Invalid request parameters	Check the error message for details on what's wrong

API Reference API Endpoints

Getting Started

Cloud Services

Features

Integrations

API Reference