Authentication
API key authentication and permissions.
Authentication
RawTree API requests use bearer authentication.
Authorization: Bearer rw_...Use rtree login for interactive CLI workflows. Use API keys for agents, scripts, services, and CI.
Create an API key
rtree key create --name my-agent --permission read_writePermissions
| Permission | Insert | Query | Logs | Delete table | Manage API keys |
|---|---|---|---|---|---|
admin | Yes | Yes | Yes | Yes | Yes |
read_write | Yes | Yes | Yes | No | No |
write_only | Yes | No | No | No | No |
read_only | No | Yes | Yes | No | No |
Recommendations
- Use
read_writefor agents that ingest and query. - Use
read_onlyfor dashboards, audits, and validation jobs. - Use
write_onlyfor event producers. - Use
adminonly for key management and destructive operations.
Environment variables
export RAWTREE_TOKEN=rw_...
export RAWTREE_PROJECT=analytics
export RAWTREE_ORG=team_alphaThe CLI reads RAWTREE_TOKEN before saved local credentials.