Skip to main content

Authorization

Follow this guide to create a new Devin AI credential that will allow Nexla to authenticate to and exchange data with your Devin AI organization.
devin_ai_api_auth.png

Devin AI

Prerequisites

To connect Nexla to your Devin AI organization, you will need a Devin AI API key (also called a Service User API key) and your Organization ID. Devin AI uses a service user model for programmatic API access — service users are separate identities from human users, appear independently in audit logs, and their permissions are controlled through role-based access control (RBAC).

Obtain Your Organization ID

Your Organization ID is required for all Devin AI v3 API endpoints. It identifies the specific organization whose data Nexla will access.

  1. Sign in to your Devin AI account at app.devin.ai.

  2. Navigate to Settings > Service Users in the left-hand navigation.

  3. Your Organization ID is displayed on the Service Users page. Copy and save this value — you will need it when configuring the Nexla credential.

Create a Service User and Generate an API Key

Devin AI API keys are tied to service users — dedicated machine identities used for integrations and automated workflows. Creating a dedicated service user for Nexla ensures that API activity is clearly attributed and permissions can be precisely scoped.

  1. From the Settings > Service Users page in the Devin AI web app, click Create Service User.

  2. Enter a descriptive name for the service user (e.g., nexla-integration) to make it easy to identify in audit logs.

  3. Assign a role to the service user that includes the permissions required for your integration:

    • To read sessions, playbooks, secrets, and knowledge notes, the service user needs read permissions for those resource types.

    • To create or modify sessions, playbooks, secrets, or knowledge notes, the service user needs write permissions for those resource types.

    Assign only the permissions your integration actually requires. Following the principle of least privilege reduces the risk of unintended changes to your Devin AI organization. Additional permissions can be granted later if needed.

  4. After saving the service user, click Generate API Key on the service user's detail page.

  5. Copy the generated API key immediately. The key begins with cog_ and is displayed only once — it cannot be retrieved after you leave the page. Store it securely in a password manager or secret management system.

    Important

    The API key is shown only once at the time of creation. If you lose the key, you will need to generate a new one. Never share your API key or commit it to source control.

For complete details on service user setup and permission scopes, see the Devin AI API Authentication documentation and the API Overview.

Create a Devin AI Credential

  • To create a new Devin AI credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.

Credential Name & Description

  1. Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.

    Resource descriptions are recommended but are not required. They should be used to provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.

API Key Authentication

Devin AI uses Bearer token authentication. Nexla sends your API key as an Authorization: Bearer header on every request to the Devin AI API.

  1. Enter your Devin AI API key (beginning with cog_) in the API Key field. This key authenticates Nexla as the service user and controls which Devin AI resources Nexla can access.

  2. Enter your Devin AI Organization ID in the Organization ID field. This value is used to construct the base URL for all v3 API calls (e.g., /v3/organizations/{organization_id}/sessions). You can find this ID on the Settings > Service Users page in the Devin AI web app.

    The Organization ID is not a secret and does not need to be stored securely, but it must be entered exactly as it appears in the Devin AI settings — typically a UUID-format string.

Save the Credential

  1. Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.

  2. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.