Authentication
All API requests require a valid API token in the Authorization header.
Prerequisites
- Active Thevenin account
- Two-factor authentication (2FA) enabled
- API token created from account settings
warning
2FA is required to create and use API tokens. Enable it at Settings → Security.
Creating a Token
- Navigate to Settings → API Tokens
- Click Create Token
- Provide a name and optional description
- Copy the token immediately (shown only once)
Token format:
tvn_4a3b2c1d0e9f8g7h6i5j4k3l2m1n0o9p8q7r6s5t4u3v2w1x0y9z
Usage
Include in every request:
Authorization: Bearer tvn_your_token_here
Security
Do:
- Store tokens in environment variables or secret managers
- Use different tokens per environment
- Rotate tokens regularly
- Delete unused tokens
Don't:
- Commit tokens to version control
- Share tokens via email or chat
- Log tokens in application logs
Managing Tokens
View, revoke, or delete tokens at Settings → API Tokens.