Authentication

All API requests require a Bearer token in the Authorization header.

Authorization Header

Include your API key in every request:


Authorization: Bearer tr_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

API Key Scopes

API keys have the following permissions:

Scope	Description
`forms:read`	List forms and get form fields
`responses:read`	Read form submission data
`webhooks:manage`	Subscribe and unsubscribe from webhooks
`knowledge:read`	List and read knowledge sources and stats
`knowledge:write`	Create, update, delete, and process knowledge sources
`knowledge:search`	Perform semantic search on the knowledge base
`chatbot:read`	List and read chatbot configurations
`chatbot:write`	Update chatbot settings
`minds:read`	List and view Minds
`minds:write`	Create, update, delete, and publish Minds

Example Request

cURL


curl -X GET "https://trigglio.com/api/integrations/webhooks/auth/verify" \
  -H "Authorization: Bearer tr_live_your_api_key"

JavaScript


const API_KEY = 'tr_live_your_api_key';
 
const response = await fetch('https://trigglio.com/api/integrations/webhooks/auth/verify', {
  headers: {
    'Authorization': `Bearer ${API_KEY}`
  }
});
 
const data = await response.json();

Python


import requests
 
API_KEY = 'tr_live_your_api_key'
 
response = requests.get(
    'https://trigglio.com/api/integrations/webhooks/auth/verify',
    headers={'Authorization': f'Bearer {API_KEY}'}
)
 
data = response.json()

Security Best Practices

Never expose your API key in client-side code or public repositories.

Store API keys in environment variables
Use server-side code to make API requests
Rotate keys if you suspect they’ve been compromised
Create separate keys for development and production

Managing API Keys

You can manage your API keys in the Trigglio dashboard:

Create new keys with descriptive names
View when keys were last used
Revoke keys that are no longer needed

Each workspace can have up to 10 API keys.