Sign inTry Free

Flow on Helios API Authentication

On this page

Flow on Helios API supports HTTP Bearer authentication. To access the API, you must provide your API key in the Authorization header in each HTTP request. An example Authorization header is as follows.

Authorization: Bearer 28790ecd46256d9024e7b21a737493b2ed2872e6883808a87843d1ce9839d0d3

While making API calls through an HTTP client (such as cURL), you can pass the API key using the -H parameter:

curl -X 'GET' \
  'api_endpoint_url' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer <API_key>'

Generate an API Key

The Flow on Helios API authenticates requests using a unique, hex-encoded alphanumeric key. When a user is a member of multiple organizations, they can have multiple API keys, one for each organization. The API key defines the operations that a user can perform.

You can generate this API key on the Cloud Portal. Follow these instructions to generate API keys:

  1. On the Cloud Portal, in the navigation pane, select your organization.

  2. In the navigation pane, select Configuration > API keys. Under Active Keys > Create API key.

  3. Specify a name and expiration date for the API key, select Access Level as All access (or any specific team should suffice), and select Create.

Important

The API key is displayed only once. Be sure to copy and securely store it.

Revoke an API Key

To revoke an API key, navigate to the API keys section under Configuration on the Cloud Portal. Under the Active Keys tab, select the delete icon under the Actions column for the API key, and select Revoke.

API keys that are not manually revoked expire on the expiration date defined while creating the API key. A revoked API key cannot be reinstated.

Last modified: October 16, 2025

Was this article helpful?

On this page

Was this article helpful?

Verification instructions

Note: You must install cosign to verify the authenticity of the SingleStore file.

Use the following steps to verify the authenticity of singlestoredb-server, singlestoredb-toolbox, singlestoredb-studio, and singlestore-client SingleStore files that have been downloaded.

You may perform the following steps on any computer that can run cosign, such as the main deployment host of the cluster.

  1. (Optional) Run the following command to view the associated signature files.

    curl undefined

  2. Download the signature file from the SingleStore release server.

    • Option 1: Click the Download Signature button next to the SingleStore file.

    • Option 2: Copy and paste the following URL into the address bar of your browser and save the signature file.

    • Option 3: Run the following command to download the signature file.

      curl -O undefined

  3. After the signature file has been downloaded, run the following command to verify the authenticity of the SingleStore file.

    echo -n undefined |
        cosign verify-blob --certificate-oidc-issuer https://oidc.eks.us-east-1.amazonaws.com/id/CCDCDBA1379A5596AB5B2E46DCA385BC \
          --certificate-identity https://kubernetes.io/namespaces/freya-production/serviceaccounts/job-worker \
          --bundle undefined \
          --new-bundle-format -
    Verified OK

Try Out This Notebook to See What’s Possible in SingleStore

Get access to other groundbreaking datasets and engage with our community for expert advice.

Sign UpLog In