EUlabel
Authentication

Authentication

How to authenticate with the EUlabel API using API keys or session-based authentication.

The EUlabel API supports two authentication methods depending on your use case.

API Key (Bearer Token)

For machine-to-machine integrations, scripts, and CI pipelines. Include your API key in the Authorization header:

curl https://api.eulabel.eu/v1/products \
  -H "Authorization: Bearer sk_live_YOUR_API_KEY"

API keys are scoped to a specific organization and can be restricted to specific permissions.

PropertyDescription
Formatsk_live_ prefix (production) or sk_test_ prefix (sandbox)
ScopePer organization, per environment
Use casesPIM webhook delivery, bulk data sync, CI/CD pipelines

For browser-based access through the EUlabel Dashboard:

PropertyDescription
ProviderWorkOS (SAML, OIDC, Google, Microsoft)
SessionServer-side with refresh token rotation
Use casesDashboard access, API key management

Permissions (Scopes)

Every API key is assigned one or more permission scopes that control what resources it can access.

ScopeGrants
products:readList and get products, passports, QR codes
products:writeCreate products
passports:readRead passport data
passports:writeCreate and publish passports
suppliers:readList suppliers
suppliers:writeCreate suppliers
analytics:readView scan analytics
api_keys:manageManage API keys (session only)

Error responses

StatusMeaning
401Missing or invalid API key
403Valid API key but insufficient permissions for this endpoint

Sandbox Environment

Test the EUlabel API with pre-populated sample data in the sandbox.

API Keys

Create, rotate, and revoke API keys for the EUlabel API.

On this page

API Key (Bearer Token)Session CookiePermissions (Scopes)Error responses