Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add Project Auth section #73

Closed
wants to merge 2 commits into from
Closed

add Project Auth section #73

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b6caace
add project auth section
kevinmingtarja Dec 10, 2024
de07b55
fix lint
kevinmingtarja Dec 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions integrate-api.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,11 +10,11 @@ Hypermode makes it easy to incrementally add intelligence your app.
You can find your project's API endpoint in the Hypermode Console, in your
project's Home tab, in the format `https://<slug>.hypermode.app/<path>`.

## API token
## API key

Hypermode protects your project's endpoint with an API key. In your project
dashboard, navigate to **Settings** → **API Keys** to find and manage your API
tokens.
keys.

From your app, you can call the API by passing the API token in the
`Authorization` header. Here's an example using the `fetch` API in JavaScript:
Expand Down
1 change: 1 addition & 0 deletions mint.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,7 @@
"pages": [
"create-project",
"modify-project",
"project-auth",
"modify-organization",
"user-management"
]
Expand Down
48 changes: 48 additions & 0 deletions project-auth.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
---
title: Project Auth
description: "Manage auth for your project"
---

By default, Hypermode protects your project's endpoint with an API key, but you
can also bring your own auth too.

## Retrieve API key

To use the Hypermode API key, navigate to **Settings** → **API Keys** in your
project dashboard. From there, you can copy your API key to a secure location
for your app to consume.

## Rotate API key

There might be times when you need to rotate your API key. This could be due to
a security breach, accidentally leaking your API key, and so on.

Before rotating your API key, navigate to **Settings** → **Auth** in your
project dashboard. Take note of the name of the `PEM key` with `hypermode-` as
the prefix. You will need to delete this as the final step of this process.

Check failure on line 22 in project-auth.mdx

View check run for this annotation

Trunk.io / Trunk Check

vale(error) 

[new] Avoid using 'will'.
Comment on lines +20 to +22
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah - I understand why they need to do this, but unless they read these docs very carefully, it's likely they won't. Then they'll get to the final step and not know which to delete.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we expose when the API key was created so they can easily find the oldest one?


Next, navigate to **Settings** → **API Keys**, and click the `Rotate` button.
This will generate a new API key, and you can copy it to a secure location.

Check failure on line 25 in project-auth.mdx

View check run for this annotation

Trunk.io / Trunk Check

vale(error) 

[new] Avoid using 'will'.

At this point, both the old and new API keys are valid. This is so that you can
update your app to use the new API key without incurring any downtime.

Once you have updated your app to use the new API key, navigate back to
**Settings** → **Auth**. You will notice that there are now two `PEM keys`, the

Check failure on line 31 in project-auth.mdx

View check run for this annotation

Trunk.io / Trunk Check

vale(error) 

[new] Avoid using 'will'.
one you saw earlier, and the new one, also prefixed with `hypermode-` but with
different random characters. You can now safely delete the old one. This will

Check failure on line 33 in project-auth.mdx

View check run for this annotation

Trunk.io / Trunk Check

vale(error) 

[new] Avoid using 'will'.
invalidate the old API key.

## Bring your own auth

As you may have known, Modus has its own [authentication](/modus/authentication)
features. So you can choose to implement your own auth, instead of using the
Hypermode API key.

To do this, navigate to **Settings** → **Auth** in your project dashboard. From
there, you can upload your own verification key either as a JWKS endpoint or in

Check failure on line 43 in project-auth.mdx

View check run for this annotation

Trunk.io / Trunk Check

vale(error) 

[new] Spell out 'JWKS', if it's unfamiliar to the audience.
PEM encoded format. The Modus runtime will use this to verify the JWTs sent to

Check failure on line 44 in project-auth.mdx

View check run for this annotation

Trunk.io / Trunk Check

vale(error) 

[new] Spell out 'PEM', if it's unfamiliar to the audience.

Check failure on line 44 in project-auth.mdx

View check run for this annotation

Trunk.io / Trunk Check

vale(error) 

[new] Avoid using 'will'.

Check failure on line 44 in project-auth.mdx

View check run for this annotation

Trunk.io / Trunk Check

vale(error) 

[new] Did you really mean 'JWTs'?
your app.

At this point, you can safely delete the default Hypermode `PEM key` to
invalidate the Hypermode API key.
Loading