Credentials, Scopes, and Tenant Context

Velane supports three credential types. Use the right one for each surface.

Credential types

• Session JWT
  • Used by the admin portal login flow
  • Best for human dashboard usage
• API key (vl_...)
  • Best for automation, scripts, CLI, and server-to-server calls
• Embed token (et_...)
  • For embedded experiences
  • Intended for embed flows, not full admin access

Scope model

Velane permissions are scope-based:

• invoke: read/invoke level actions
• manage: create/update operational resources
• admin: destructive/team/admin actions

As a rule:

• reads generally require lower privilege
• writes require manage
• sensitive tenant administration requires admin

Tenant context (X-Tenant)

Velane is multi-tenant. Many API requests are resolved in tenant context.

When you call APIs directly, include your tenant context where required:

X-Tenant: myorg

Practical defaults

• Human admins: use session login in the portal
• CI/automation: use vl_ API keys with minimum required scope
• Embeds: use et_ tokens and keep TTL short

Security basics

• Do not share API keys in client-side code
• Rotate keys periodically
• Keep embed tokens short-lived
• Prefer least privilege by default

Related docs

• Auth and Request Flow
• Security Non-Negotiables
• Generated References Plan