Skip to main content
Leaf connects to Raven Slingshot using API key credentials. Once connected, Leaf ingests machine files from Slingshot for the Leaf user. This is separate from Raven, which uses OAuth 2.0 credentials for grower, farm, and field data.

Prerequisites

  1. A Raven Slingshot portal account.
  2. Your apiKey, accessKey, and sharedSecret from the Slingshot portal.

Credentials schema

FieldTypeRequiredDescription
apiKeystringYesYour Slingshot API key.
accessKeystringYesYour Slingshot access key.
sharedSecretstringYesYour Slingshot shared secret.

Endpoints

MethodPathDescription
GET/users/{leafUserId}/raven-slingshot-credentialsGet stored credentials.
POST/users/{leafUserId}/raven-slingshot-credentialsCreate credentials.
DELETE/users/{leafUserId}/raven-slingshot-credentialsDelete credentials.
GET/users/{leafUserId}/raven-slingshot-credentials/eventsGet credential events for troubleshooting.
Base URL: https://api.withleaf.io/services/usermanagement/api

Create credentials

curl -X POST \
  -H 'Authorization: Bearer YOUR_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "apiKey": "your-api-key",
    "accessKey": "your-access-key",
    "sharedSecret": "your-shared-secret"
  }' \
  'https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/raven-slingshot-credentials'

Response

{
  "id": "uuid",
  "status": "str",
  "createdTime": "2026-01-15T12:00:00.000000Z",
  "apiKey": "your-api-key",
  "accessKey": "your-access-key"
}

Troubleshooting

Use the events endpoint to check credential health. Events are retained for 30 days and are deleted when the credential is removed. 
GET /users/{leafUserId}/raven-slingshot-credentials/events

What to do next

Last modified on March 19, 2026