All public REST API endpoints require a service account with an API key. Service accounts are created in the Jaws Deploy UI and scoped to a workspace with explicit roles (deploy, manage workspace, push packages, etc.).
Basic auth header
Send the credentials as HTTP Basic auth:
Authorization: Basic <base64(serviceAccountId:apiKey)>
Example with curl:
curl -u "$JAWS_SA_ID:$JAWS_API_KEY" \
  "https://app.jawsdeploy.net/api/environment?workspaceId=$WS"
Permission model
Every endpoint runs through a guard derived from the service account's roles. If the credentials are valid but the account is missing a required role, you get 401 Unauthorized with errorcode = InsufficientPermissions and a message describing the missing capability.
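A 401 from this API therefore has two causes that call for different fixes: a bad key, or a valid key on an account that lacks a role. The following Python client is an added example, not Jaws Deploy's own code; it builds the Basic header and separates the two cases. The function names, the classification labels and the substring match on the error body are assumptions, since the response format is not shown here.

```python
import base64
import os
import urllib.error
import urllib.parse
import urllib.request

BASE_URL = "https://app.jawsdeploy.net/api"  # host taken from the curl example


def basic_auth_header(sa_id: str, api_key: str) -> str:
    """Return the Authorization value: Basic base64(serviceAccountId:apiKey)."""
    if ":" in sa_id:
        # Basic auth splits on the first colon, so an id containing one is ambiguous.
        raise ValueError("service account id must not contain ':'")
    token = base64.b64encode(f"{sa_id}:{api_key}".encode("utf-8")).decode("ascii")
    return f"Basic {token}"


def classify(status: int, body: str) -> str:
    """Map a response to what the caller should do next (labels are hypothetical)."""
    if 200 <= status < 300:
        return "ok"
    if status == 401:
        # Assumption: the error code appears verbatim somewhere in the body.
        # The field name is not documented here, so match the string itself.
        if "InsufficientPermissions" in body:
            return "missing_role"      # fix the account's roles; a new key will not help
        return "bad_credentials"       # wrong id/key, or the key was rotated
    return "other_error"


def get_environments(workspace_id: str) -> tuple[str, str]:
    """GET /environment for one workspace; returns (classification, body)."""
    # Credentials come from the environment, never from source or argv.
    header = basic_auth_header(os.environ["JAWS_SA_ID"], os.environ["JAWS_API_KEY"])
    url = f"{BASE_URL}/environment?workspaceId={urllib.parse.quote(workspace_id, safe='')}"
    req = urllib.request.Request(url, headers={"Authorization": header})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            body = resp.read().decode("utf-8", "replace")
            return classify(resp.status, body), body
    except urllib.error.HTTPError as err:
        body = err.read().decode("utf-8", "replace")
        return classify(err.code, body), body
```

Log the classification rather than the request headers, so the key never reaches CI output.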
Tips
- Create one service account per integration. Don't share keys across CI jobs.
- Scope each service account to the smallest set of workspaces it needs.
- Rotate API keys whenever the set of staff with access changes.