Authentication
All API requests require authentication using a Bearer token. You can use either a session token (for browser-based apps) or an API token (for server-to-server communication).
API Tokens
API tokens are the recommended way to authenticate for programmatic access. They provide:
- Long-lived credentials that don’t expire
- Scoped permissions per token
- Easy revocation without affecting other tokens
Creating an API Token
- Navigate to Settings > API Tokens in the Catalyzed app
- Click Create Token
- Give your token a descriptive name
- Copy the token immediately - it won’t be shown again
Using Your Token
Include the token in the Authorization header:
```bash
curl https://api.catalyzed.ai/me \
  -H "Authorization: Bearer YOUR_API_TOKEN"
```

```javascript
const response = await fetch("https://api.catalyzed.ai/me", {
  headers: {
    Authorization: `Bearer ${API_TOKEN}`,
  },
});
```

```python
import requests

response = requests.get(
    "https://api.catalyzed.ai/me",
    headers={"Authorization": f"Bearer {API_TOKEN}"}
)
```

Session Authentication
For browser-based applications, users authenticate via email/password or OAuth. Session tokens are:
- Automatically managed via HTTP-only cookies
- Short-lived with automatic refresh
- Tied to a specific browser session
Error Responses
| Status Code | Description |
|---|---|
| 401 | Missing or invalid token |
| 403 | Token doesn’t have permission for this resource |

```json
{
  "error": "UNAUTHORIZED",
  "message": "Invalid or expired token"
}
```
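
An added example, not part of the Catalyzed documentation: a standard-library Python client that attaches the Bearer token only to HTTPS requests for the API host used above and maps the 401 and 403 responses from the table to separate exceptions. The names `CATALYZED_API_TOKEN`, `build_request`, `raise_for_auth` and `get_me` are assumptions made for this example.

```python
import json
import os
import urllib.error
import urllib.request
from urllib.parse import urlsplit

API_HOST = "api.catalyzed.ai"  # host used in the examples on this page


class AuthError(Exception):
    """401: token missing or invalid; re-issue or replace it."""


class PermissionDenied(Exception):
    """403: token is valid but lacks permission for this resource."""


def build_request(url, token):
    """Attach the Bearer token only to HTTPS requests for the API host."""
    parts = urlsplit(url)
    if parts.scheme != "https" or parts.hostname != API_HOST:
        raise ValueError("refusing to send the token to " + repr(url))
    if not token or any(c.isspace() for c in token):
        raise ValueError("token is empty or contains whitespace")
    return urllib.request.Request(url, headers={"Authorization": "Bearer " + token})


def raise_for_auth(status, body):
    """Map the documented 401/403 responses to distinct exceptions."""
    if status not in (401, 403):
        return
    try:
        message = json.loads(body).get("message", "")
    except (ValueError, AttributeError):
        message = ""  # body was not the documented JSON object
    raise (AuthError if status == 401 else PermissionDenied)(message)


def get_me(token=None):
    """GET /me; the environment variable name is an assumption."""
    token = token or os.environ["CATALYZED_API_TOKEN"]
    req = build_request("https://" + API_HOST + "/me", token)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        raise_for_auth(err.code, err.read())
        raise  # any other HTTP error propagates unchanged
```

Separating the two exceptions lets a caller replace the token on `AuthError` but treat `PermissionDenied` as a scope problem that a new token with the same permissions will not fix.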