Initializing Operalta...

Auth & CLI

API keys, OAuth, and the CLI authentication handshake.

GET
/api/cli/authorize

Authorization

BearerAuth
AuthorizationBearer <token>

API key obtained from Operalta Settings → API Keys. Format: op_xxxxx. Pass as Authorization: Bearer op_....

In: header

Query Parameters

touch?string

Set to false to validate without updating the token's last_used_at timestamp.

Value in"false"

Response Body

application/json

application/json

curl -X GET "https://example.com/api/cli/authorize"
{
  "valid": true,
  "userId": "string",
  "email": "string",
  "companyId": "8bb73d03-06b4-47c7-80c7-59301f770eda",
  "companyName": "string",
  "expiresAt": 0,
  "scope": "string",
  "scopes": [
    "string"
  ]
}
{
  "error": "string",
  "status": 0,
  "details": {}
}
POST
/api/cli/authorize

Authorization

SessionCookie
Cookie<token>

Authenticated Operalta web session Cookie header. In practice this usually contains sb-<project-ref>-auth-token=... and may include chunked siblings; use the full Cookie header copied from a logged-in browser session.

In: header

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

application/json

application/json

curl -X POST "https://example.com/api/cli/authorize" \  -H "Content-Type: application/json" \  -d '{}'
{
  "token": {
    "accessToken": "string",
    "refreshToken": "string",
    "expiresAt": 0,
    "userId": "string",
    "email": "string",
    "companyId": "8bb73d03-06b4-47c7-80c7-59301f770eda",
    "companyName": "string",
    "scope": "string",
    "scopes": [
      "string"
    ]
  }
}
{
  "error": "string",
  "status": 0,
  "details": {}
}
{
  "error": "string",
  "status": 0,
  "details": {}
}
{
  "error": "string",
  "status": 0,
  "details": {}
}
DELETE
/api/cli/authorize

Authorization

BearerAuth
AuthorizationBearer <token>

API key obtained from Operalta Settings → API Keys. Format: op_xxxxx. Pass as Authorization: Bearer op_....

In: header

Response Body

application/json

application/json

curl -X DELETE "https://example.com/api/cli/authorize"
{
  "success": true,
  "message": "string"
}
{
  "error": "string",
  "status": 0,
  "details": {}
}
POST
/api/cli/sync

Authorization

BearerAuth
AuthorizationBearer <token>

API key obtained from Operalta Settings → API Keys. Format: op_xxxxx. Pass as Authorization: Bearer op_....

In: header

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

application/json

curl -X POST "https://example.com/api/cli/sync" \  -H "Content-Type: application/json" \  -d '{    "filePath": "string",    "content": "string",    "fileType": "string"  }'
{
  "entriesCreated": 0,
  "entriesUpdated": 0
}
{
  "error": "string",
  "status": 0,
  "details": {}
}
{
  "error": "string",
  "status": 0,
  "details": {}
}
GET
/api/cli/tokens

Authorization

SessionCookie
Cookie<token>

Authenticated Operalta web session Cookie header. In practice this usually contains sb-<project-ref>-auth-token=... and may include chunked siblings; use the full Cookie header copied from a logged-in browser session.

In: header

Response Body

application/json

application/json

curl -X GET "https://example.com/api/cli/tokens"
{
  "tokens": [
    {
      "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
      "label": "string",
      "user_agent": "string",
      "scope": "string",
      "scopes": [
        "string"
      ],
      "company_id": "b2e6a1c3-1a5e-44ae-a8fd-81f76fd715cf",
      "company_name": "string",
      "created_at": "2019-08-24T14:15:22Z",
      "expires_at": "2019-08-24T14:15:22Z",
      "last_used_at": "2019-08-24T14:15:22Z"
    }
  ]
}
{
  "error": "string",
  "status": 0,
  "details": {}
}
POST
/api/cli/tokens

Authorization

SessionCookie
Cookie<token>

Authenticated Operalta web session Cookie header. In practice this usually contains sb-<project-ref>-auth-token=... and may include chunked siblings; use the full Cookie header copied from a logged-in browser session.

In: header

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

curl -X POST "https://example.com/api/cli/tokens" \  -H "Content-Type: application/json" \  -d '{}'
{
  "success": true,
  "apiKey": "string",
  "token": {
    "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
    "label": "string",
    "user_agent": "string",
    "company_id": "b2e6a1c3-1a5e-44ae-a8fd-81f76fd715cf",
    "company_name": "string",
    "scope": "string",
    "scopes": [
      "string"
    ],
    "created_at": "2019-08-24T14:15:22Z",
    "expires_at": "2019-08-24T14:15:22Z",
    "last_used_at": "2019-08-24T14:15:22Z"
  },
  "message": "string"
}
{
  "error": "string",
  "status": 0,
  "details": {}
}
DELETE
/api/cli/tokens/{id}

Authorization

SessionCookie
Cookie<token>

Authenticated Operalta web session Cookie header. In practice this usually contains sb-<project-ref>-auth-token=... and may include chunked siblings; use the full Cookie header copied from a logged-in browser session.

In: header

Path Parameters

id*string
Formatuuid

Response Body

application/json

application/json

application/json

curl -X DELETE "https://example.com/api/cli/tokens/497f6eca-6276-4993-bfeb-53cbbbba6f08"
{
  "success": true,
  "tokenId": "07dfef4c-e677-4ce6-87a3-cd348338445f",
  "message": "string"
}
{
  "error": "string",
  "status": 0,
  "details": {}
}
{
  "error": "string",
  "status": 0,
  "details": {}
}
GET
/api/oauth/authorize

Authorization

BearerAuth
AuthorizationBearer <token>

API key obtained from Operalta Settings → API Keys. Format: op_xxxxx. Pass as Authorization: Bearer op_....

In: header

Query Parameters

client_id*string
redirect_uri*string
Formaturi
response_type*string
Value in"code"
code_challenge_method*string
Value in"S256"
code_challenge*string
scope?string

Space-delimited scope string. Defaults to write.

state*string
Length16 <= length

Response Body

application/json

curl -X GET "https://example.com/api/oauth/authorize?client_id=string&redirect_uri=http%3A%2F%2Fexample.com&response_type=code&code_challenge_method=S256&code_challenge=string&state=stringstringstri"
Empty
{
  "error": "string",
  "error_description": "string"
}
POST
/api/oauth/authorize

Authorization

SessionCookie
Cookie<token>

Authenticated Operalta web session Cookie header. In practice this usually contains sb-<project-ref>-auth-token=... and may include chunked siblings; use the full Cookie header copied from a logged-in browser session.

In: header

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

application/json

application/json

curl -X POST "https://example.com/api/oauth/authorize" \  -H "Content-Type: application/json" \  -d '{}'
{
  "redirect_url": "http://example.com"
}
{
  "error": "string",
  "error_description": "string"
}
{
  "error": "string",
  "status": 0,
  "details": {}
}
{
  "error": "string",
  "status": 0,
  "details": {}
}
POST
/api/oauth/revoke

Authorization

BearerAuth
AuthorizationBearer <token>

API key obtained from Operalta Settings → API Keys. Format: op_xxxxx. Pass as Authorization: Bearer op_....

In: header

Request Body

application/x-www-form-urlencoded

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

curl -X POST "https://example.com/api/oauth/revoke" \  -H "Content-Type: application/x-www-form-urlencoded" \  -d 'token=string'
{}
POST
/api/oauth/token

Authorization

BearerAuth
AuthorizationBearer <token>

API key obtained from Operalta Settings → API Keys. Format: op_xxxxx. Pass as Authorization: Bearer op_....

In: header

Request Body

application/x-www-form-urlencoded

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

application/json

application/json

curl -X POST "https://example.com/api/oauth/token" \  -H "Content-Type: application/x-www-form-urlencoded" \  -d 'grant_type=authorization_code'
{
  "access_token": "string",
  "token_type": "Bearer",
  "expires_in": 0,
  "scope": "string",
  "refresh_token": "string"
}
{
  "error": "string",
  "error_description": "string"
}
{
  "error": "string",
  "error_description": "string"
}
{
  "error": "string",
  "error_description": "string"
}