> ## Documentation Index
> Fetch the complete documentation index at: https://docs.buildpixel.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Bearer tokens. Same shape across REST and Socket.IO.

All API requests carry an `Authorization` header:

```http theme={null}
Authorization: Bearer <token>
```

You get a token from the dashboard:

1. Open **Settings → Personal → API tokens**.
2. Click **New token**.
3. Copy the token. It's shown once — store it somewhere safe.

The token's permissions match your role in the org. A `member`-role user's token can trigger builds; an `admin`-role token can also edit integrations.

## Identifying yourself

```bash theme={null}
curl https://api.buildpixel.io/auth/me \
  -H "Authorization: Bearer $TOKEN"
```

Returns:

```json theme={null}
{
  "user": { "id": "...", "email": "...", "name": "..." },
  "organization": {
    "id": "...",
    "name": "MyStudio",
    "slug": "mystudio",
    "plan": "pro"
  },
  "membership": { "role": "admin" }
}
```

## Revoking a token

If a token is compromised:

1. Open **Settings → Personal → API tokens**.
2. Click **Revoke** next to the token.

The token returns 401 on the next request.

## Token storage

<Warning>
  Never commit tokens to git. Store them in your CI's secret manager (`secrets.BUILDPIXEL_TOKEN` in GitHub Actions, `${{ env.BUILDPIXEL_TOKEN }}` in GitLab) or a local credentials file outside your repo.
</Warning>