Authentication | termina

Access to Termina API endpoints is secured using an HTTP Bearer token. Use your API key to obtain a JWT Bearer token via the Get Token endpoint. Include this token in the Authorization header of your requests to securely access your data. The JWT contains user-specific roles granting permission to different resources.

Request and Response Errors

HTTP Status Code	Description
401 Unauthorized	The request lacks valid authentication credentials or the provided token is invalid.
403 Forbidden	The client does not have sufficient permission to access the requested resource.
404 Not Found	The requested resource could not be found.
409 Conflict	The request is trying to create or update a resource that already exists or has conflicting information.
422 Unprocessable Entity	The request is well-formed but contains semantic errors.

Additional Information

If a client exceeds the rate limit, a 429: Too Many Requests response will be returned. JWTs created using your API key have a 1 hour expiration and will need to be refreshed at regular intervals to avoid authentication errors.

Permissions and Access Control

Access permissions are determined by the user roles associated with your API key. The Termina API uses a role-based access control (RBAC) system with the following roles:

Role	Description
reader	Read-only access to resources (view deals, data, files, etc.)
editor	Read and write access (create/update deals, upload files, modify data)
admin	Full access including user management (add/remove team members, manage permissions)

Your API key’s role determines what actions you can perform across all groups and deals you have access to.