Authentication

All protected Gradii API endpoints use HTTP bearer authentication.

1
Authorization: Bearer iai_your_token_here

Keep tokens out of client-side code, public repositories, screenshots, and support tickets. Rotate tokens when an integration owner changes or a credential may have been exposed.

Token format

Gradii API tokens use the iai_ prefix.

iai_your_token_here

Error responses

Authentication failures return standard JSON error payloads with a machine-readable code.

1
{
2
  "success": false,
3
  "error": "Invalid or missing token",
4
  "code": "AUTH_FAILED",
5
  "message": "Authentication failed"
6
}