Skip to content
Genesis Genesis API

Authentication

The Genesis API uses two authentication methods depending on the context.

Dashboard API (JWT)

Section titled “Dashboard API (JWT)”

Dashboard operations use Bearer token authentication. Obtain tokens via the login endpoint:

Terminal window
curl -X POST https://api.usegenesis.dev/api/auth-login \
  -H "Content-Type: application/json" \
  -d '{"email": "you@example.com", "password": "your-password"}'

Response:

{
  "ok": true,
  "result": {
    "user": { "id": "...", "email": "...", "name": "..." },
    "account": { "id": "...", "name": "..." },
    "access_token": "eyJ...",
    "refresh_token": "a1b2c3..."
  }
}

Include the access token in subsequent requests:

Terminal window
curl -X POST https://api.usegenesis.dev/api/requests-list \
  -H "Authorization: Bearer eyJ..." \
  -H "Content-Type: application/json"

Access tokens expire after 15 minutes. Use the refresh token to get a new pair via auth-refresh.

Widget API (API Key)

Section titled “Widget API (API Key)”

Widget endpoints use an API key passed via the X-API-Key header:

Terminal window
curl -X POST https://api.usegenesis.dev/api/widget-submit-request \
  -H "X-API-Key: gk_abc123..." \
  -H "Content-Type: application/json" \
  -d '{"title": "...", "description": "..."}'

API keys are scoped to a single app and can be regenerated in the dashboard.