Authentication for Ketryx API endpoints happens via API keys.

API keys can be configured at the organization level under Organization > API keys:

Each API key can have the following permissions, controlling what a caller using an API key can do with the API:

1. Report test results: whether new builds and test results can be reported to Ketryx projects

2. Retrieve release status: whether the release status of project versions can be checked

Immediately after creating an API key, a secret token is displayed and can be copied and pasted into a secure location. This token can be used as the Authorization header in direct HTTP requests to the Ketryx API, in the following form:

Authorization: Bearer KXTK_...

API keys can also be used as the api-key parameter to the Ketryx GitHub Action.