API Keys
API Keys enable programmatic access to Lamdis for CI/CD integrations, automation, and custom tooling.
Overview
API Keys provide:
- Programmatic Access: Trigger test runs from CI/CD pipelines
- Scoped Permissions: Control what each key can access
- Audit Trail: Track API key usage in audit logs
Creating an API Key
- Navigate to Settings → API Keys
- Click Create API Key
- Configure the key:
- Name: Descriptive name (e.g., “GitHub Actions CI”)
- Permissions: Select allowed operations
- Expiration: Optional expiration date
- Click Create
- Copy the key immediately - it won’t be shown again
API Key Permissions
| Permission | Description |
|---|---|
runs:execute | Start test runs |
runs:read | View run results |
tests:read | View test configurations |
tests:write | Create/modify tests |
suites:read | View suite configurations |
suites:write | Create/modify suites |
Using API Keys
Authentication
Include the API key in the Authorization header:
curl https://api.lamdis.ai/v1/runs \
-H "Authorization: Bearer YOUR_API_KEY"Triggering a Test Run
curl -X POST https://api.lamdis.ai/v1/runs \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"suiteId": "suite_abc123",
"environmentId": "env_prod"
}'Getting Run Results
curl https://api.lamdis.ai/v1/runs/run_xyz789 \
-H "Authorization: Bearer YOUR_API_KEY"Security Best Practices
- Rotate keys regularly - Delete old keys and create new ones
- Use minimal permissions - Only grant permissions the integration needs
- Set expiration dates - For temporary integrations
- Never commit keys to code - Use environment variables or secrets managers
- Monitor usage - Review audit logs for unexpected activity
Revoking Keys
To revoke an API key:
- Go to Settings → API Keys
- Find the key to revoke
- Click Delete and confirm
Revoked keys stop working immediately.
Last updated on