Authentication

All API requests require a Bearer token in the Authorization header.

Authentication Methods

API Auth Tokens (recommended for automation)

API tokens are the simplest way to authenticate programmatic requests. Create one via the dashboard or the API:

curl -X POST https://api.justworkflowit.com/organizations/$ORG_ID/api-tokens \
  -H "Authorization: Bearer $JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "CI/CD Pipeline",
    "permissions": ["workflow:create", "workflow:version:create", "job:submit", "job:read"]
  }'

The response includes a token field — this is your Bearer token. Store it securely; it cannot be retrieved again.

# Use the token for subsequent requests
curl https://api.justworkflowit.com/organizations/$ORG_ID/workflows \
  -H "Authorization: Bearer $API_TOKEN"

Caution

API tokens are scoped to a specific organization and a specific set of permissions. Follow the principle of least privilege — only grant the permissions your integration needs.

JWT (for browser-based apps)

If you’re building a web application, authenticate users through the JustWorkflowIt login page and use the resulting JWT:

1. Sign in via the JustWorkflowIt login page
2. The returned idToken is your Bearer token
3. Tokens expire after 1 hour; refresh using the standard refresh token flow

Permissions

Every API endpoint requires a specific permission. Permissions are assigned to users through roles or directly on API tokens.

See the API Reference for the exact permission required by each endpoint, shown in the x-permission field.

Common permission sets:

Use Case	Permissions
CI/CD pipeline	workflow:create, workflow:version:create, job:submit, job:read, job:list
Monitoring	job:read, job:list, metrics:read
Full access	All permissions (use the owner role)