Quickstart

Create an API key

The Sublime API uses API keys for authentication. To generate an API key:

  1. Load your Sublime dashboard
  2. Click Developer in the left-hand navigation
  3. Click the New Key button
  4. Give your API key a name
  5. Click Save

Securing requests

The API relies on HTTPS to keep your API keys safe from man-in-the-middle attacks. Thus, it is very important that you only make requests to the Sublime API using HTTPS, never HTTP.

Authentication

The API uses the Bearer authentication scheme to authenticate requests.

Once you've created your API key, include this header in your requests, replacing YOUR_API_KEY with your API key:

Authorization: Bearer YOUR_API_KEY

For example, here is a complete curl request for fetching the metadata of a message with ID 3391c0e4-2d7e-4eaa-841c-2d5f7146759e:

curl \
    -H "Authorization: Bearer st4o9hnkltjxpz1dcjo1guga8304hjq8ingb6sx3ldyj96isg8k0xg5749jlusiy" \
    https://example.sublimesecurity.com/v0/messages/3391c0e4-2d7e-4eaa-841c-2d5f7146759e

Using with webhooks

The Sublime API and Sublime's webhooks go together like warm chocolate chip cookies and cold, cold milk. Use webhooks to receive notifications when a message is flagged, and use the API to take actions like adding message details to a Jira ticket and providing the option to trash a message directly from that ticket.