Dynamiq

Authentication

Which credential calls what: access keys for deployed apps and the gateway, personal access tokens for the management API.

Every API request authenticates with a bearer token:

curl "https://api.getdynamiq.ai/v1/apps?project_id=$PROJECT_ID" \
  -H "Authorization: Bearer $DYNAMIQ_PAT"

There are two kinds of keys, created in different places and accepted by different endpoints.

Access Keys

Created under Settings → Access Keys, scoped to an organization or a single project. Use them for everything that runs server-to-server:

  • Deployed app endpoints — the Runs API and invoke calls on https://<your-app-hostname>
  • The AI Gateway at https://router.getdynamiq.ai
  • The trace collector at https://collector.getdynamiq.ai

A project-scoped key can only reach apps and resources in that project; an org-scoped key reaches every project in the organization.

The key value is shown once at creation. Store it in a secret manager; revoke and recreate if it leaks.

Personal Access Tokens

Created from your profile settings under the Personal access tokens tab, tied to your user account and its permissions. Use them for management automation acting as you — CI scripts that manage workflows, the Dynamiq CLI, and local tooling.

Which key for which call

Endpoint groupAccess KeyPersonal Access Token
Runs API on the app hostname
AI Gateway /v1/chat/completions
Trace collector /v1/traces
Management API (apps, traces, sessions, triggers)
CLI / management automation

For a UI walkthrough of creating and rotating keys, see API Keys & Tokens.

API Keys & Tokens guide

Creating, scoping, and rotating keys in the UI.

Runs API

Call your deployed app.

API Reference

REST API surface for integrating with Dynamiq: deployed apps, runs, conversations, knowledge bases, and the AI gateway.

Upload a file

Uploads a file to the app's storage so it can later be attached to a run via `file_ids`. The maximum request size is 128 MiB.

On this page

Access KeysPersonal Access TokensWhich key for which call