Authentication
How management keys (fhm_) and tap tokens (fh_) differ, what each one authorizes, the API base URL, and how to pass them as a bearer token on requests.
Firehose has two kinds of API key. Both use bearer-token authentication:
Authorization: Bearer fhm_your_management_key
Authorization: Bearer fh_your_tap_tokenManagement key (fhm_)
Created by an organization admin from the dashboard. Use it to manage taps — create, list, update, and revoke them. A management key cannot manage rules or open the stream. It's shown once at creation, so store it securely.
# List every tap (and its full token) in the organization
curl -s https://api.firehose.com/v1/taps \
-H "Authorization: Bearer $FIREHOSE_MGMT_KEY"GET /v1/taps returns each tap's full token, so a single management key is enough to enumerate
taps and start streaming from any of them.
Tap token (fh_)
Scoped to one tap. Use it to manage that tap's rules and to open the stream. Retrievable
any time from the dashboard or via GET /v1/taps with a management key.
# List the rules on a tap
curl -s https://api.firehose.com/v1/rules \
-H "Authorization: Bearer $FIREHOSE_TAP_TOKEN"Base URL
https://api.firehose.comErrors
| Status | Meaning |
|---|---|
| 401 | Missing or invalid token |
| 403 | Resource not owned by your organization |
| 404 | Not found |
| 422 | Validation error |
| 429 | Rate limit exceeded |
Next steps
Quickstart
Use your keys end to end — mint a tap, add a rule, open the stream.
Management keys
Create, rotate, and revoke the fhm_ keys that manage taps.