Skip to main content

ZeyOS OAuth 2.0 API

Authentication and session management for all ZeyOS cloud services. Obtain bearer tokens for the REST API and manage user sessions programmatically.

Base URL

OpenAPI Specification

Get Started

Authentication Methods

Three ways to authenticate with ZeyOS — choose the one that fits your use case.

HTTP Basic AuthUse your username and password at POST /token to obtain a bearer token. Only needed once to bootstrap the session.
HTTP Bearer TokenInclude Authorization: Bearer {token} in every REST API request after obtaining a token via /token.
Session CookieBrowser-based sessions. The ZEYOSID cookie is set automatically after a successful /token call from a browser.

Token Lifecycle

ExpiryTokens expire after a configurable period (default: 24 hours).
IntrospectUse /token/introspect to check whether a token is still active.
RevokeUse /token/revoke to invalidate a token explicitly (e.g. on logout).

Related Documentation