🌮

src/content/docs/api-reference/authorization.mdx

@@ -0,0 +1,52 @@
+---
+title: Authorization
+head:
+  - tag: "meta"
+    attrs:
+        property: "og:title"
+        content: "How to authorize API requests in Coolify"
+description: "Learn how to authorize your API requests."
+---
+
+import { Aside } from '@astrojs/starlight/components';
+
+API request requires a `Bearer` token in `Authorization` header, which could be generated from the UI.
+
+## Generate
+
+1. Go to `Keys & Tokens` / `API tokens`.
+2. Define a name for your token and click `Create New Token`.
+
+<Aside type="tip">
+  You will see the token once, so make sure to copy it and store it in a safe
+  place.
+</Aside>
+
+## Scope
+
+The token will only be able to access resources that are owned by the team that the token is scoped to.
+
+```php
+# Sample token
+3|WaobqX9tJQshKPuQFHsyApxuOOggg4wOfvGc9xa233c376d7
+```
+
+## Permissions
+
+Currently there are three types of permissions:
+
+- read-only `(default)`
+- view:sensitive
+- `*` (all permissions)
+
+### `read-only`
+
+With this permission, you can only read data from the API, but you can't create, update, or delete any resources. Also you can't see sensitive data.
+
+### `view:sensitive`
+
+Without this permission, passwords, api keys, and other sensitive data will be redacted from the API response.
+
+### `*`
+
+Full access to all resources and sensitive data.