Authentication
DataBlue supports two authentication methods. Both are sent as Authorization: Bearer <token> in the request header.
| Method | Format | TTL | Source |
|---|---|---|---|
| JWT Token | eyJ... |
7 days | POST /v1/auth/login |
| API Key | wh_... |
Persistent | Dashboard → API Keys |
JWT Authentication
Obtain a JWT token by authenticating with your email and password:
curl -X POST "https://api.datablue.dev/v1/auth/login" \
-H "Content-Type: application/json" \
-d '{"email": "you@example.com", "password": "your_password"}'
# Response: {"access_token": "eyJ...", "token_type": "bearer"}API Key Authentication (Recommended)
API keys are persistent and do not expire. Generate them from the Dashboard under the API Keys panel. All API keys use the wh_ prefix.
# Use your API key in every request
curl -X POST "https://api.datablue.dev/v1/scrape" \
-H "Authorization: Bearer wh_abc123def456" \
-H "Content-Type: application/json" \
-d '{"url": "https://example.com"}'Security note: API keys and JWT tokens are interchangeable in the Authorization header. Sensitive data (LLM keys, proxy credentials) is encrypted at rest with Fernet (AES-256).