Authentication

Authenticate with the Nullify REST API to access endpoints

Service Accounts

Create service-account tokens for any automation that talks to the Nullify API.

Open your tenant at https://app.<TENANT>.nullify.ai.
Navigate to Configure → Service Accounts (/dashboard/configure/service-accounts/).
Generate a service account, copy the token, and store it in your secrets manager. Tokens are only shown once in the UI.

Service accounts inherit the permissions you assign when creating them. Use separate accounts for different automations so you can rotate or revoke access without broad impact.

Request Headers

Include the token in the Authorization header of every API call:

curl --request GET \
  --url "https://api.<TENANT>.nullify.ai/endpoint" \
  --header "Authorization: Bearer <TOKEN>"

Requests without a valid token return 403 Forbidden. A 404 Not Found response indicates the token lacks permission for the resource or the endpoint is disabled for your tenant.

Rotation & Revocation

Rotate service-account tokens on a schedule that matches your internal security policy.
Remove unused accounts from Configure → Service Accounts to immediately revoke access.
Audit usage in your infrastructure by monitoring for calls to https://api.<TENANT>.nullify.ai with the relevant account ID.

PreviousNullify API NextPagination

Last updated 12 days ago

Was this helpful?