Authentication

How to authenticate with the Watchtower API.

Authentication

There are two ways to authenticate with Watchtower, depending on what you are trying to do:

API Key Authentication: For sending events to the ingestion API.
Session-Based Authentication: For accessing the dashboard and management APIs.

API Key Authentication

When you are sending event data to Watchtower from your applications, you must use an API key. This is the standard method for all server-to-server communication.

Finding Your API Key

Your API key is created when you set up a new project. You can find it on the Projects page in your dashboard. Each project has its own unique API key.

All Watchtower API keys are prefixed with wt_.

Using Your API Key

To authenticate, you must include your API key in the Authorization header of your HTTP request as a bearer token.

Authorization: Bearer wt_your_api_key_here

Here is an example using curl:

curl -X POST https://app.watchtower.ai/api/events \
  -H "Authorization: Bearer wt_your_api_key_here" \
  -H "Content-Type: application/json" \
  -d 
    {
      "level": "info",
      "message": "Application started successfully",
      "projectId": "proj_12345"
    }

Security Note: Your API key is a secret. Do not expose it in client-side code or commit it to version control. Store it securely in an environment variable or a secrets management service.

Session-Based Authentication

When you are using the Watchtower dashboard or accessing management APIs (like creating projects or inviting team members), you will be authenticated using a traditional session cookie.

This is handled automatically when you sign in to your Watchtower account. Our application uses NextAuth.js for secure, passwordless authentication.