Skip to main content

Authentication

FlagTGL uses JWT tokens for management API authentication and SDK keys for SDK-to-relay communication.

Management API: Obtain a JWT by calling POST /api/auth/login with your email and password. Include the token in subsequent requests as Authorization: Bearer <token>. Tokens expire after 24 hours by default.

SDK Keys: Each environment has a unique SDK key that authenticates your application's SDK with the relay proxy. SDK keys are scoped to a single environment and can be rotated from the environment settings page.

note

API rate limiting and OAuth support are coming soon.