Basilisk Logo
BasiliskDocs

Authentication

Learn how to authenticate with the Basilisk API.

Web Console Authentication

The Basilisk Web Console uses standard authentication methods:

  • Email and password authentication
  • Social login with Google or GitHub
  • Email invitations from organization admins

Once authenticated, you'll have access to your organization's projects, definitions, data sources, builds, and environments based on your role and permissions.

Environment Endpoints

Data builds published to environments are accessible via HTTP endpoints. The exact endpoint URL is provided in the Web Console for each environment.

Environment endpoints may require authentication depending on your configuration:

  • Public endpoints: No authentication required, suitable for client-side applications
  • Authenticated endpoints: Require API keys or tokens, suitable for server-side applications
// Example: Fetching a data build from an environment
const response = await fetch('https://your-environment.basilisk.io/data-builds/latest', {
  headers: {
    'Authorization': 'Bearer your_api_key_here', // If authentication is required
  },
});

const dataBuild = await response.arrayBuffer();
// Deserialize using Protocol Buffers

Google Platform Credentials

When using Google Spreadsheets as data sources, Basilisk needs access to Google Sheets. This is typically configured at the organization or project level:

  • Google Platform credentials are configured in the Web Console
  • Credentials are stored securely and used to access spreadsheets
  • Only authorized users can modify credential configuration

The Web Console handles the OAuth flow and credential management automatically when adding data sources.

Role-Based Access Control

Basilisk supports role-based access control at multiple levels:

  • Organization level: Admins can manage users, projects, and organization settings
  • Project level: Project admins can manage definitions, data sources, builds, and environments
  • Environment level: Access can be restricted to specific environments (e.g., production)

Permissions are managed through the Web Console by organization and project administrators.

Security Best Practices

  • Use strong passwords or enable social login
  • Rotate API keys and credentials regularly
  • Limit access to production environments
  • Review user permissions periodically
  • Enable two-factor authentication if available
  • Keep Google Platform credentials secure