Auth & CLI
API keys, OAuth, and the CLI authentication handshake.
Authorization
BearerAuth API key obtained from Operalta Settings → API Keys. Format: op_xxxxx. Pass as Authorization: Bearer op_....
In: header
Query Parameters
Set to false to validate without updating the token's last_used_at timestamp.
"false"Response Body
application/json
application/json
curl -X GET "https://example.com/api/cli/authorize"{
"valid": true,
"userId": "string",
"email": "string",
"companyId": "8bb73d03-06b4-47c7-80c7-59301f770eda",
"companyName": "string",
"expiresAt": 0,
"scope": "string",
"scopes": [
"string"
]
}{
"error": "string",
"status": 0,
"details": {}
}Authorization
SessionCookie Authenticated Operalta web session Cookie header. In practice this usually contains sb-<project-ref>-auth-token=... and may include chunked siblings; use the full Cookie header copied from a logged-in browser session.
In: header
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
application/json
application/json
application/json
curl -X POST "https://example.com/api/cli/authorize" \ -H "Content-Type: application/json" \ -d '{}'{
"token": {
"accessToken": "string",
"refreshToken": "string",
"expiresAt": 0,
"userId": "string",
"email": "string",
"companyId": "8bb73d03-06b4-47c7-80c7-59301f770eda",
"companyName": "string",
"scope": "string",
"scopes": [
"string"
]
}
}{
"error": "string",
"status": 0,
"details": {}
}{
"error": "string",
"status": 0,
"details": {}
}{
"error": "string",
"status": 0,
"details": {}
}Authorization
BearerAuth API key obtained from Operalta Settings → API Keys. Format: op_xxxxx. Pass as Authorization: Bearer op_....
In: header
Response Body
application/json
application/json
curl -X DELETE "https://example.com/api/cli/authorize"{
"success": true,
"message": "string"
}{
"error": "string",
"status": 0,
"details": {}
}Authorization
BearerAuth API key obtained from Operalta Settings → API Keys. Format: op_xxxxx. Pass as Authorization: Bearer op_....
In: header
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
application/json
application/json
curl -X POST "https://example.com/api/cli/sync" \ -H "Content-Type: application/json" \ -d '{ "filePath": "string", "content": "string", "fileType": "string" }'{
"entriesCreated": 0,
"entriesUpdated": 0
}{
"error": "string",
"status": 0,
"details": {}
}{
"error": "string",
"status": 0,
"details": {}
}Authorization
SessionCookie Authenticated Operalta web session Cookie header. In practice this usually contains sb-<project-ref>-auth-token=... and may include chunked siblings; use the full Cookie header copied from a logged-in browser session.
In: header
Response Body
application/json
application/json
curl -X GET "https://example.com/api/cli/tokens"{
"tokens": [
{
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"label": "string",
"user_agent": "string",
"scope": "string",
"scopes": [
"string"
],
"company_id": "b2e6a1c3-1a5e-44ae-a8fd-81f76fd715cf",
"company_name": "string",
"created_at": "2019-08-24T14:15:22Z",
"expires_at": "2019-08-24T14:15:22Z",
"last_used_at": "2019-08-24T14:15:22Z"
}
]
}{
"error": "string",
"status": 0,
"details": {}
}Authorization
SessionCookie Authenticated Operalta web session Cookie header. In practice this usually contains sb-<project-ref>-auth-token=... and may include chunked siblings; use the full Cookie header copied from a logged-in browser session.
In: header
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
application/json
curl -X POST "https://example.com/api/cli/tokens" \ -H "Content-Type: application/json" \ -d '{}'{
"success": true,
"apiKey": "string",
"token": {
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"label": "string",
"user_agent": "string",
"company_id": "b2e6a1c3-1a5e-44ae-a8fd-81f76fd715cf",
"company_name": "string",
"scope": "string",
"scopes": [
"string"
],
"created_at": "2019-08-24T14:15:22Z",
"expires_at": "2019-08-24T14:15:22Z",
"last_used_at": "2019-08-24T14:15:22Z"
},
"message": "string"
}{
"error": "string",
"status": 0,
"details": {}
}Authorization
SessionCookie Authenticated Operalta web session Cookie header. In practice this usually contains sb-<project-ref>-auth-token=... and may include chunked siblings; use the full Cookie header copied from a logged-in browser session.
In: header
Path Parameters
uuidResponse Body
application/json
application/json
application/json
curl -X DELETE "https://example.com/api/cli/tokens/497f6eca-6276-4993-bfeb-53cbbbba6f08"{
"success": true,
"tokenId": "07dfef4c-e677-4ce6-87a3-cd348338445f",
"message": "string"
}{
"error": "string",
"status": 0,
"details": {}
}{
"error": "string",
"status": 0,
"details": {}
}Authorization
BearerAuth API key obtained from Operalta Settings → API Keys. Format: op_xxxxx. Pass as Authorization: Bearer op_....
In: header
Query Parameters
uri"code""S256"Space-delimited scope string. Defaults to write.
16 <= lengthResponse Body
application/json
curl -X GET "https://example.com/api/oauth/authorize?client_id=string&redirect_uri=http%3A%2F%2Fexample.com&response_type=code&code_challenge_method=S256&code_challenge=string&state=stringstringstri"{
"error": "string",
"error_description": "string"
}Authorization
SessionCookie Authenticated Operalta web session Cookie header. In practice this usually contains sb-<project-ref>-auth-token=... and may include chunked siblings; use the full Cookie header copied from a logged-in browser session.
In: header
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
application/json
application/json
application/json
curl -X POST "https://example.com/api/oauth/authorize" \ -H "Content-Type: application/json" \ -d '{}'{
"redirect_url": "http://example.com"
}{
"error": "string",
"error_description": "string"
}{
"error": "string",
"status": 0,
"details": {}
}{
"error": "string",
"status": 0,
"details": {}
}Authorization
BearerAuth API key obtained from Operalta Settings → API Keys. Format: op_xxxxx. Pass as Authorization: Bearer op_....
In: header
Request Body
application/x-www-form-urlencoded
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
curl -X POST "https://example.com/api/oauth/revoke" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d 'token=string'{}Authorization
BearerAuth API key obtained from Operalta Settings → API Keys. Format: op_xxxxx. Pass as Authorization: Bearer op_....
In: header
Request Body
application/x-www-form-urlencoded
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
application/json
application/json
application/json
curl -X POST "https://example.com/api/oauth/token" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d 'grant_type=authorization_code'{
"access_token": "string",
"token_type": "Bearer",
"expires_in": 0,
"scope": "string",
"refresh_token": "string"
}{
"error": "string",
"error_description": "string"
}{
"error": "string",
"error_description": "string"
}{
"error": "string",
"error_description": "string"
}