Skip to main content
This guide walks you through setting up API access for teams and standard organizations (non-enterprise). You’ll create a service user, get your credentials, and make your first API call in minutes.
If you’re part of an enterprise with multiple organizations, custom roles, or SSO, see the Enterprise quick start instead.

Step 1: Create a service user

  1. Go to Settings > Service users in your organization
  2. Click Create service user
  3. Choose a descriptive name (e.g., “CI Pipeline”, “Monitoring Bot”)
  4. Select a role:
    • Admin — full access to manage sessions, knowledge, playbooks, secrets, and settings
    • Member — can create and manage Devin sessions, view resources
Use the Member role for most automation. Only use Admin if your integration needs to manage org settings or other users.

Step 2: Generate an API key

  1. After creating the service user, click Generate API key
  2. Copy the key immediately — it starts with cog_ and won’t be shown again
  3. Store it securely as an environment variable:
export DEVIN_API_KEY="cog_your_key_here"

Step 3: Make your first API call

Create a Devin session: 
curl -X POST "https://api.devin.ai/v3/organizations/sessions" \
  -H "Authorization: Bearer $DEVIN_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"prompt": "Create a simple Python script that prints Hello World"}'
You don’t need to specify your org ID in the URL. Since your service user is scoped to a single organization, the API automatically resolves it. You can optionally include it: /v3/organizations/{org_id}/sessions. Find your org ID in Settings → Organization details.
Want sessions attributed to your user? By default, sessions are attributed to the service user. To create sessions on behalf of a specific user (so they appear in that user’s session list), add "create_as_user_id": "user_abc123" to the request body. This requires the Admin role (which includes the ImpersonateOrgSessions permission). See Session attribution for details.

Step 4: Common operations

List your sessions

curl "https://api.devin.ai/v3/organizations/sessions" \
  -H "Authorization: Bearer $DEVIN_API_KEY"

Send a message to a running session

export SESSION_ID="your_session_id"

curl -X POST "https://api.devin.ai/v3/organizations/sessions/$SESSION_ID/messages" \
  -H "Authorization: Bearer $DEVIN_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"message": "Please also add unit tests"}'

Manage knowledge

# List knowledge entries
curl "https://api.devin.ai/v3/organizations/knowledge/notes" \
  -H "Authorization: Bearer $DEVIN_API_KEY"

# Create a knowledge entry
curl -X POST "https://api.devin.ai/v3/organizations/knowledge/notes" \
  -H "Authorization: Bearer $DEVIN_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"name": "Coding standards", "trigger_description": "When writing code", "body": "Use TypeScript strict mode..."}'

Permissions for teams users

Teams organizations have a simple permission model:
RoleCan create sessionsCan manage resourcesCan manage settings
MemberYesYes (knowledge, playbooks, secrets)No
AdminYesYesYes
For fine-grained role-based access control (RBAC), see the Enterprise quick start.

Next steps