Authentication

TeleAI uses two authentication modes depending on the endpoint.

Gateway — API Key

All Gateway calls require a Bearer token with your teleai_* API key:

text

Authorization: Bearer teleai_<hex_string>

Keys are tenant-scoped. Cross-tenant access returns 401 or 404.

Platform — JWT

Portal and governance APIs require a JWT access token from login:

bash

curl -X POST "https://<BASE_URL>/v1/identity/login" \
  -H "Content-Type: application/json" \
  -d '{"email": "user@company.com", "password": "<password>"}'

Response includes access_token, refresh_token, and expires_in.

Token Refresh

bash

curl -X POST "https://<BASE_URL>/v1/identity/refresh" \
  -H "Content-Type: application/json" \
  -d '{"refreshToken": "<refresh_token>"}'