API Key, Bearer & Basic
The three simplest auth methods cover the majority of APIs. Each is configured from the Authorization tab.
API Key
Section titled “API Key”API Key auth sends a credential as either a header or a query parameter.
| Field | Description |
|---|---|
| Key | The name of the header or query parameter (for example X-Api-Key) |
| Value | The API key itself |
| Add to | Where to place the key — Header or Query param |
Use API Key auth when a service issues you a single long-lived key. Choose Header unless the API explicitly expects the key in the URL.
Key: X-Api-KeyValue: {{api_key}}Add to: HeaderBearer
Section titled “Bearer”Bearer auth adds an Authorization: Bearer <token> header.
| Field | Description |
|---|---|
| Token | The bearer token to send |
Use Bearer auth when you already have a token — for example one issued by a separate login step, or one written into a variable by a pre-request script. If you need Vegha to fetch the token for you, use OAuth2 instead.
Token: {{access_token}}Basic auth sends a username and password encoded in an Authorization: Basic header.
| Field | Description |
|---|---|
| Username | The account username |
| Password | The account password |
Username: {{api_user}}Password: {{api_password}}Using variables for values
Section titled “Using variables for values”Every field above accepts {{variable}} interpolation, so you can store credentials in an environment and switch them per target:
Value: {{api_key}}For sensitive values, reference a secret manager with a secret:// URI so the real value is resolved at send time and never written to disk:
Password: secret://aws-secrets-manager/prod/db#passwordSee Secret variables for more.