Authentication

To access the GridFlow API, you need to authenticate using an API token. This token should be included in the request headers as an ‘Authorization’ field.

'Authorization': 'Token <your_api_token>'

​

API Tokens

API tokens are unique identifiers that grant access to the GridFlow API. They allow you to make authorized requests to our services on behalf of your account. To obtain an API token, follow these steps:

1. Sign in to your GridFlow account at https://dashboard.grdflo.com.
2. Navigate to the ‘API Tokens’ section.
3. Click ‘Create New Token’ and provide a descriptive name for the token.
4. Copy the generated token and store it securely.

​

Permissions

Different API tokens may have different permissions, depending on the role assigned to the user. Ensure that your API token has the necessary permissions to access the desired endpoints.

To manage user roles and permissions, follow these steps:

1. Sign in to your GridFlow account at https://dashboard.grdflo.com.
2. Navigate to the ‘User Management’ section.
3. Click on a user to edit their role and permissions, or create a new user with the desired role.

​

Token Security

API tokens are sensitive pieces of information, as they grant access to your account and its associated data. Keep the following best practices in mind to ensure the security of your API tokens:

• Store API tokens securely and do not share them with unauthorized individuals.
• Rotate API tokens regularly and revoke tokens that are no longer in use.
• Monitor usage of your API tokens to detect any unauthorized access.

​

Rate Limits

To ensure fair usage of the GridFlow API, there are rate limits imposed on the number of requests you can make within a certain time period. The rate limits depend on your subscription plan and are documented in the API reference.

If you exceed the rate limits, you will receive an HTTP 429 ‘Too Many Requests’ response. To avoid hitting rate limits, implement exponential backoff and retry strategies in your API clients.