Authentication
The Glance API uses API keys for authentication. You can create and manage API keys from the Settings page in your Glance dashboard.
API Keys
API keys grant programmatic access to your Glance account. Each key is scoped to a specific company and user, inheriting the associated role's permissions (viewer, employee, editor, or owner).
Security: Treat your API keys like passwords. Never expose them in client-side code, public repositories, or browser requests. Store them in environment variables or a secrets manager.
Making Authenticated Requests
Include your API key in the Authorization header as a Bearer token:
GET /clients HTTP/1.1 Host: api.glance.app Authorization: Bearer glnc_sk_your_api_key_here Content-Type: application/json
Roles & Permissions
API keys inherit role-based access control. The role hierarchy from lowest to highest:
| Role | Description | Access Level |
|---|---|---|
viewer | Read-only access | Can view data but cannot create, edit, or delete |
employee | Basic access | Can view and create most resources |
editor | Full operational access | Can view, create, edit, and delete resources |
owner | Full administrative access | All permissions including API key management and settings |
Authentication Errors
If authentication fails, you will receive a 401 Unauthorized response:
{
"error": "Unauthorized",
"message": "Invalid or missing API key",
"statusCode": 401
}