Skip to main content
To use the Evergreen Ai API, you need to authenticate your requests using an API key. You can obtain an API key from your Evergreen dashboard. Include the API key in the Authorization header of your HTTP requests: 
Authorization: Bearer tedi_****
Example request: 
curl -X POST "https://api.evergreens.ai/v1/your-endpoint" \
     -H "Authorization: Bearer tedi_****" \
     -H "Content-Type: application/json" \
     -d '{
       "key": "value"
     }'

Security Best Practices

Never share your API key publicly or expose it in client-side code. Treat it like a password and store it securely.

Key Permissions System

Evergreen Ai implements a sophisticated RBAC (Role-Based Access Control) system for API keys. When creating an API key, you can assign specific roles and permissions to control what actions the key can perform. This helps enhance security by limiting access based on the principle of least privilege.
  1. ResourceType: The category of resource (api, ratelimit, rbac, identity)
  2. ResourceID: The specific resource instance (e.g., a particular API or user)
  3. Action: The operation to perform on that resource
Permissions distribution is currently disabled for simplicity but will be enabled in future updates.

Available Resource Types

Resource TypeDescription
apiAPI-related resources, such as endpoints and keys
ratelimitRate limiting resources and configuration
rbacPermissions and roles management
identityUser and identity management

Authentication Errors

If your authentication fails, you’ll receive a 401 Unauthorized response with an error message: 
{
  "status": false,
  "error": "Invalid API key"
}
If api key is missing, you’ll receive a 401 Unauthorized response with an error message: 
{
  "status": false,
  "error": "Authorization header missing"
}
Ensure that you include a valid API key in your requests to avoid these errors. If you continue to experience issues, verify that your API key is correct and has the necessary permissions for the requested operation.