Authentication
Bluebricks API supports two authentication methods:
Long-lived API Tokens - For automated workflows and CI/CD pipelines
JWT Tokens - For personal authentication and testing
JWT Tokens
JWT tokens are obtained from the CLI or UI and are ideal for personal testing and development.
Extract JWT from CLI
After running bricks login, extract your JWT token:
token=$(awk '/^token:/ {sub(/token:[[:space:]]*/, ""); print; exit}' ~/.bricks/credentials.yaml)
curl -H "Authorization: ${token}" https://api.bluebricks.co/api/v1/environments$token = (Get-Content "$HOME\.bricks\credentials.yaml" | Select-String -Pattern '^token:' | ForEach-Object { $_ -replace '^token:\s*', '' })
curl -H "Authorization: $token" https://api.bluebricks.co/api/v1/environmentsLong-lived API Tokens
Long-lived API tokens are essential for secure server-to-server communication, enabling seamless authentication without frequent renewals.
You can create and manage API tokens through:
UI - Settings > Tokens
API - Use the Auth endpoints described below
Prerequisites
Managing long-lived API tokens requires Admin role
Create via UI
Navigate to Settings > Tokens in the Bluebricks app to create and manage your API tokens.
Important: API tokens are only displayed once upon creation. Make sure to copy and store your token securely before closing the dialog.
Create via API
Use the POST Auth Key API to create a long-lived API token:
For first-time creation, use your JWT token to authenticate the request.
Important: The API token is only returned once in the response. Make sure to copy and store it securely.
Once you have a long-lived API token, all other API requests can be authenticated using the created token.
List via API
Use the GET Auth Keys API to list your long-lived API tokens:
Deactivate via API
Use the POST Auth Deactivate Key API to disable long-lived API tokens:
Activate via API
Use the POST Auth Activate Key API to enable long-lived API tokens:
Last updated
Was this helpful?