auth
Authentication operations for user authentication, authorization, and session management.
Authentication endpoints handle user identity verification, token generation, and access control throughout the platform. The system uses JWT (JSON Web Token) based authentication managed through core.flows.super.ai.
**Authentication flow:**
1. Obtain credentials from your account at core.flows.super.ai
2. Authenticate to receive JWT access token and refresh token
3. Include access token in API requests via Authorization header
4. API validates tokens and extracts user identity and organization context
5. Tokens expire after 1 hour and must be refreshed
**Key concepts:**
- **Bearer Tokens**: Short-lived JWT tokens (1 hour) used for API requests
- **Anon-Key**: Long-lived API key used to authenticate to the authentication API
- **Refresh Tokens**: Long-lived tokens used to obtain new access tokens
- **Protected Routes**: Most endpoints require valid authentication
- **Public Endpoints**: Limited whitelisted paths accessible without auth
**Getting started with authentication:**
1. **Obtain your Anonymous Key** (public endpoint - no authentication required):
```bash
curl https://flows.super.ai/api/auth/anon-key
```
2. **Authenticate** to receive your tokens:
```bash
curl -X POST 'https://core.flows.super.ai/auth/v1/token?grant_type=password' \
-H 'Content-Type: application/json' \
-H 'apikey: ANON_KEY' \
-d '{"email": "you@example.com", "password": "your-password"}'
```
This will return a JWT access token and refresh token.
3. **Use the access token** in your requests:
```bash
curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
https://flows.super.ai/api/flows
```
**Token management:**
- Access tokens expire after 1 hour
- Use refresh tokens to obtain new access tokens without re-authenticating
- Store tokens securely and never commit them to version control
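
A client-side check for the 1-hour expiry described above, as an added example that is not part of the super.ai documentation or SDK: it reads the standard JWT `exp` claim to decide when a refresh is due. The 5-minute margin, the function names and the sample token are assumptions constructed for illustration.

```python
import base64
import json
import time

REFRESH_MARGIN_SECONDS = 300  # assumption: refresh 5 minutes before expiry


def b64url_decode(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def token_expiry(access_token):
    """Return `exp` (Unix seconds) from a JWT payload without verifying it."""
    # Scheduling only: the signature is not checked, so never authorize on this.
    parts = access_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT: expected three segments")
    claims = json.loads(b64url_decode(parts[1]))  # raises ValueError if malformed
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if isinstance(exp, bool) or not isinstance(exp, (int, float)):
        raise ValueError("JWT has no numeric exp claim")
    return int(exp)


def needs_refresh(access_token, now=None):
    """True when the token is unreadable, expired, or inside the margin."""
    now = time.time() if now is None else now
    try:
        return token_expiry(access_token) - now <= REFRESH_MARGIN_SECONDS
    except ValueError:
        return True  # fail closed: obtain a new token rather than send this one


def make_sample_token(exp):
    # Constructed sample: placeholder signature, not a token issued by the API.
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "HS256", "typ": "JWT"}),
                     enc({"sub": "user-123", "exp": exp}), "c2ln"])


if __name__ == "__main__":
    issued = 1_700_000_000  # constructed issue time
    token = make_sample_token(issued + 3600)  # 1-hour lifetime, as documented
    print(needs_refresh(token, now=issued))         # fresh token
    print(needs_refresh(token, now=issued + 3400))  # inside the margin
```

The server remains the authority on validity; this check only avoids sending a token that is about to be rejected.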
All API endpoints (except whitelisted public paths) require authentication. Include your bearer token in the Authorization header: `Authorization: Bearer YOUR_ACCESS_TOKEN`