trustgraph/specs/api/security/bearerAuth.yaml

type: http
scheme: bearer
description: |
  Bearer token authentication.

  Clients authenticate by passing an opaque token in the
  `Authorization` header. The token is treated as an opaque string by
  clients — its internal structure is a gateway implementation detail
  and must not be relied upon.

  The gateway resolves the token to an authenticated identity and an
  associated workspace. All workspace-scoped and flow-scoped operations
  then execute within that workspace context.

  Tokens are obtained via the IAM service (e.g. `tg-login` or
  `tg-create-api-key`).

  Example:
  ```
  Authorization: Bearer <token>
  ```
REST API OpenAPI spec (#612) * OpenAPI spec in specs/api. Checked lint with redoc. 2026-01-15 11:04:37 +00:00			`type: http`
			`scheme: bearer`
			`description: \|`
			`Bearer token authentication.`

Update API docs for 2.4 (#960) - Update API specs for 2.4 (#960) - Update API docs - Regenerate Python docs 2026-05-28 17:55:51 +01:00			`Clients authenticate by passing an opaque token in the`
			`Authorization` header. The token is treated as an opaque string by
			`clients — its internal structure is a gateway implementation detail`
			`and must not be relied upon.`

			`The gateway resolves the token to an authenticated identity and an`
			`associated workspace. All workspace-scoped and flow-scoped operations`
			`then execute within that workspace context.`

			Tokens are obtained via the IAM service (e.g. `tg-login` or
			`tg-create-api-key`).
REST API OpenAPI spec (#612) * OpenAPI spec in specs/api. Checked lint with redoc. 2026-01-15 11:04:37 +00:00
			`Example:`
			```
Update API docs for 2.4 (#960) - Update API specs for 2.4 (#960) - Update API docs - Regenerate Python docs 2026-05-28 17:55:51 +01:00			`Authorization: Bearer <token>`
REST API OpenAPI spec (#612) * OpenAPI spec in specs/api. Checked lint with redoc. 2026-01-15 11:04:37 +00:00			```