Skip to main content
This document covers the authentication process for the Pipeline API. All pipelines require a valid GoldRush API key. This guide explains how to obtain a key, how authentication works for pipelines, and how destination credentials are managed.

Why is Authentication Required?

Authentication is essential to ensure that only authorized users can create and manage pipelines. It allows us to manage access, track usage for billing, and ensure the security and stability of our services.

1. Obtaining a GoldRush API Key

To begin, register for an API key at the GoldRush Platform. This key will be required to create and manage pipelines.

Vibe Coders

$10/mo - Built for solo builders and AI-native workflows.

Teams

$250/mo - Production-grade with 50 RPS and priority support.

2. How Authentication Works

Platform Authentication

You authenticate with the GoldRush Platform using your API key when you log in. All pipeline operations - creating, updating, deploying, and monitoring pipelines - are performed through the GoldRush Platform.

Source Credentials

Source data credentials are fully managed by GoldRush. You do not need to provide any source credentials, run your own nodes, or manage any upstream infrastructure. The Pipeline API reads from Covalent’s database on your behalf.

Destination Credentials

Destination credentials (database passwords, API keys, access tokens) are provided by you when configuring a pipeline. These are stored securely and injected at deploy time via environment variable interpolation. In your pipeline configuration, destination credentials use ${ENV_VAR} syntax: 
destination:
  type: "postgres"
  url: "postgresql://your-host:5432/your-database"
  user: "${PG_USER}"
  password: "${PG_PASSWORD}"
Destination credentials are never stored in plaintext in your pipeline configuration. They are resolved from securely stored environment variables at deploy time.

3. Error Handling

If an authentication-related error occurs, the GoldRush Platform will display an error message. Common authentication issues include:
IssueDescription
Invalid API keyThe API key provided is incorrect or has been revoked.
Expired planThe account’s subscription has lapsed.
Destination credential failureThe pipeline could not connect to your destination using the provided credentials.
Destination credential errors are reported in the Pipeline dashboard after deployment. If your pipeline fails to start, check that your database host is reachable and that the username and password are correct.
For a complete guide to error codes, retry strategies, and debugging tips, see Error Handling & Troubleshooting.

Frequently Asked Questions (FAQ)

  • Are the API keys the same for the different GoldRush products?
    • Yes, the same API key is used to authenticate with all GoldRush products - Foundational API, Streaming API, Pipeline API, CLI, and x402.
  • Where can I find my API key?
  • How are my destination credentials stored?
    • Destination credentials are stored as encrypted environment variables within the GoldRush Platform. They are injected into your pipeline configuration at deploy time and are never exposed in logs or the UI after being set.
  • Do I need to allowlist GoldRush IP addresses?
    • If your database or webhook endpoint is behind a firewall, you may need to allowlist GoldRush’s egress IP addresses. Contact support for the current list.