Skip to main content

ZeyOS Auth API

The ZeyOS OAuth 2.0 API handles authentication and session management for all ZeyOS cloud services. Use it to obtain bearer tokens for the REST API and to manage user sessions programmatically.

Base URL

All Auth API endpoints are available at:

Text
https://cloud.zeyos.com/{INSTANCE}/auth/v1/

Replace {INSTANCE} with your ZeyOS instance name.

Authentication Methods

ZeyOS supports three authentication methods:

MethodUse case
HTTP Basic AuthInitial token request — pass your username and password to /auth/v1/token
HTTP Bearer TokenAuthenticate subsequent API calls — include Authorization: Bearer {token} in every request
Session CookieBrowser-based sessions — the ZEYOSID cookie is set automatically after login

Getting a Token

Exchange your credentials for a bearer token using the /token endpoint:

Bash
curl -X POST \
-u "username:password" \
https://cloud.zeyos.com/{INSTANCE}/auth/v1/token

The response contains an access_token you can use in the Authorization header for all REST API requests.

Token Lifecycle

  • Tokens expire after a configurable period (default: 24 hours).
  • Use the /token/introspect endpoint to check whether a token is still active.
  • Use the /token/revoke endpoint to invalidate a token explicitly (e.g. on logout).

OpenAPI Specification

The Auth API is published as a machine-readable OpenAPI document:

Endpoints