mirror/coolify-docs
1
0
Fork 0
mirror of https://github.com/coollabsio/coolify-docs.git synced 2026-06-19 07:35:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
a64450ae9d92418476f4304cd7fa2fc17a88f426
coolify-docs/content/docs/api-reference/authorization.mdx
T
Andras Bacsai a64450ae9d feat(platform): migrate docs from VitePress to Fumadocs + TanStack Start 
Replace VitePress/Vue stack with Fumadocs MDX, TanStack Start, React 19,
and Vite. Migrate all documentation content to MDX under content/docs/.
Add full src/ app with React components, routing, search, and API page.

Remove Korrektly integration from CI/CD workflows, Dockerfile, and env
vars. Update build pipeline to output to .output/public instead of
docs/.vitepress/dist.
2026-05-06 12:08:05 +02:00

70 lines
1.8 KiB
Plaintext
Raw Blame History

---
title: Authorization
layout: doc
description: "Learn how to authorize API requests in Coolify with Bearer tokens, scoped permissions, and secure access control."
---
# Authorization
API request requires a `Bearer` token in `Authorization` header, which could be generated from the UI.
## Access
The API can be accessed through `http://<ip>:8000/api`.
With the exception of `/health` and `/feedback`, all routes are additionally prefixed with `/v1` resulting in the base route `http://<ip>:8000/api/v1`.
## Generate
1. Go to `Keys & Tokens` / `API tokens`.
2. Define a name for your token and click `Create New Token`.
<Callout type="success" title="Tip">
You will see the token once, so make sure to copy it and store it in a safe place.
</Callout>
## Scope
The token will only be able to access resources that are owned by the team that the token is scoped to.
```php
# Sample token
3|WaobqX9tJQshKPuQFHsyApxuOOggg4wOfvGc9xa233c376d7
```
## Permissions
<Callout type="warn" title="HEADS UP!">
Some API data won't get returned if the API token doesn't have correct permissions
</Callout>
Currently there are three types of permissions:
- read-only `(default)`
- read:sensitive
- view:sensitive
- `*` (all permissions)
### `read-only`
With this permission, you can only read data from the API, but you can't create, update, or delete any resources. Also you can't see sensitive data.
### `read:sensitive`
With this permission, you can only read data from the API and see sensitive information that is normally redacted. You cannot create, update, or delete any resources.
### `view:sensitive`
Without this permission, passwords, api keys, and other sensitive data will be redacted from the API response.
### `*`
Full access to all resources and sensitive data.
Reference in New Issue View Git Blame Copy Permalink