Skip to main content
Version: 22.4.0

Tower API

Tower exposes a public API with all the necessary endpoints to manage Nextflow workflows programmatically, allowing organizations to incorporate Tower seamlessly into their existing processes.


As of version 23.4, the Seqera API is live on The legacy API remains fully operational, so existing API integrations will continue to perform as expected. Deprecation of the legacy API will be communicated well in advance to avoid any breaking changes to your integrations.

The Tower API can be accessed from All API endpoints use HTTPS, and all request and response payloads use JSON encoding. All timestamps use the ISO 8601 date-time standard format: YYYY-MM-DDTHH:MM:SSZ.


The Tower API uses the OpenAPI standard. The current OpenAPI schema can be found here.

For more information on the OpenAPI standard, see OpenAPI.


See Seqera Platform services API for a detailed list of all endpoints. This page also includes request and response payload examples, and the ability to test each endpoint interactively.

Programmatic API

You can use tools such as openapi-python-client to generate a programmatic API for a particular language (e.g. Python) based on the OpenAPI schema. However, we do not guarantee that any OpenAPI client generator will work with Tower API; use them at your own risk.


Tower API requires an authentication token to be specified in each API request using the Bearer HTTP header.

Your personal authorization token can be found in the user top-right menu under Your tokens.

To create a new access token, just provide a name for the token. This will help to identify it later.

The token is only displayed once. Store your token in a safe place.

Once created, use the token to authenticate to the Nextflow API via cURL, Postman, or within your code to requests.

cURL example

curl -H "Authorization: Bearer eyJ...YTk0"

Your token must be included in every API call. See Bearer token authentication for more information on bearer token authentication.


Some API GET methods will accept standard query parameters, which are defined in the documentation; querystring optional parameters such as page size, number (when available) and file name; and body parameters, mostly used for POST, PUT and DELETE requests.

Additionally, several head parameters are accepted such as Authorization for bearer access token or Accept-Version to indicate the desired API version to use (default to version 1)

curl -H "Authorization: Bearer QH..E5M="
-H "Accept-Version:1"
-X POST{item_id}?queryString={value}
-d { params: { "key":"value" } }

Client errors

There exists two typical standard errors, or non 200 or 204 status responses, to expect from the API.

Bad Request

The request payload is not properly defined or the query parameters are invalid.

"message": "Oops... Unable to process request - Error ID: 54apnFENQxbvCr23JaIjLb"


Your access token is invalid or expired. This response may also imply that the entry point you are trying to access is not available; in such a case, it is recommended you check your request syntax.

Status: 403 Forbidden

Rate limiting

For all API requests, there is a limit of 20 calls per second (72000 calls per hour) and access key.