Skip to content
FlightStack Docs

API Authentication

API Authentication

Section titled “API Authentication”

FlightStack uses JWT (JSON Web Tokens) for API authentication.

Obtaining a Token

Section titled “Obtaining a Token”

Via CLI

Section titled “Via CLI”
Terminal window
flightstack login

After authentication, tokens are stored at ~/.flightstack/config.json.

Via API

Section titled “Via API”
Terminal window
POST /auth/login
Content-Type: application/json


{
  "email": "you@example.com",
  "password": "your-password"
}

Response:

{
  "accessToken": "eyJhbG...",
  "refreshToken": "eyJhbG...",
  "expiresAt": "2024-01-01T00:00:00Z"
}

Using the Token

Section titled “Using the Token”

Include the token in the Authorization header:

Terminal window
curl -H "Authorization: Bearer <access_token>" \
  https://api.flightstack.dev/repository

Token Refresh

Section titled “Token Refresh”

Access tokens expire after 1 hour. Use the refresh token:

Terminal window
POST /auth/refresh
Content-Type: application/json


{
  "refreshToken": "eyJhbG..."
}

Agent Authentication

Section titled “Agent Authentication”

Build agents use a separate token system:

Terminal window
curl -H "Authorization: Bearer <agent_token>" \
  https://api.flightstack.dev/buildagent/poll

Agent tokens are obtained during flightstack agent register.