Pinrail Docs
DevelopmentAPI

API Authentication

How to authenticate production API requests against the current Pinrail tenant-facing API surface.

Authentication Model

The currently published Pinrail tenant APIs use user-scoped API keys created from the TMS account page.

Create A Key

  1. Sign in to https://tms.pinrail.xyz
  2. Open Account -> API
  3. Create a new key
  4. Store the one-time displayed value in your secret manager

Send The Key

Use either of these headers:

X-API-Key: pinrail_live_...

or

Authorization: Bearer pinrail_live_...

Example

curl -sS \
  -H 'X-API-Key: $PINRAIL_API_KEY' \
  https://api.pinrail.xyz/v1/portal

Key Scope

API keys inherit the same account visibility and scope rules as the user who created them. That means:

  • a tenant only sees terminals, groups, and reports already visible in TMS
  • admin and moderator behavior follows the same access model as the portal
  • revoking a key immediately removes API access for that token

Integration Catalog

Contract-derived reference for the live Pinrail integration surface published from pinrail-platform.

Portal Data APIs

Tenant-facing portal data APIs with examples, filters, and live production request guidance.

On this page

Authentication ModelCreate A KeySend The KeyExampleKey Scope