Authentication Guide
To keep your data safe and access secure, all GreenGrid API requests must be authenticated. This guide walks you through how to get started.
Why Authentication Matters
Authentication ensures that only authorized users can access data and perform actions. It protects customer privacy and prevents misuse of energy insights.
API Key Basics
You need a GreenGrid API key to make authenticated requests.
Get Your API Key
- Log in to your GreenGrid Developer Dashboard.
- Go to API Keys.
- Click Create New Key.
- Copy and store your key securely. You won’t be able to view it again.
Tip: Treat your API key like a password. Don’t share it or commit it to public code.
Making Authenticated Requests
All authenticated requests must include your API key in the Authorization header.
Example Header
GET /v1/energy-insights HTTP/1.1
Host: api.greengrid.com
Authorization: Bearer YOUR_API_KEY
Replace YOUR_API_KEY with your actual key.
Token Expiry & Rotation
While API keys do not expire by default, we recommend rotating keys every 90 days for best security practices.
Rotate Your API Key
- Log in to the Developer Dashboard.
- Revoke the old key.
- Generate a new key.
- Update your systems immediately.
Error Handling
Here are common authentication errors and how to resolve them:
| Status Code | Message | What to Do |
|---|---|---|
| 401 | Unauthorized | Check your API key. Make sure it’s valid. |
| 403 | Forbidden | Your key may lack the required permissions. |
| 429 | Too Many Requests | You’ve hit your rate limit. Try again later. |
Keep It Secure
- Use HTTPS for every request.
- Store keys in server-side environment variables.
- Never expose keys in client-side code.
Need help? Contact Support or view the API Reference.