Authentication
SureStage uses JWT-based authentication with AWS Cognito as the identity provider.
Authentication Methods
1. JWT Bearer Token
Obtain a token via the login flow and include it in all requests:
curl -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIs..." \
https://api.surestage.com/v1/instances
2. API Key
Use an API key for machine-to-machine access:
curl -H "Authorization: Bearer ss_key_abc123..." \
https://api.surestage.com/v1/instances
Token Lifecycle
Multi-Tenancy
After authentication, switch between tenants:
POST /auth/switch-tenant
{
"tenantSlug": "acme-corp"
}
The returned token is scoped to the selected tenant.
Related
- JWT Tokens - Token format and validation
- API Keys - Key management
- OAuth Providers - Social login integration