Authentication
Authenticate your API requests.
API Token
Include your API token in the Authorization header:
curl https://api.cmdop.com/v1/machines \
-H "Authorization: Bearer cmdop_xxx..."Get API Token
- Go to dashboard settingsÂ
- Click “Create Token”
- Set name and permissions
- Copy the token (shown once)
Token Permissions
| Permission | Description |
|---|---|
machines:read | List and view machines |
machines:write | Modify machine settings |
commands:execute | Execute commands |
files:read | Read files |
files:write | Write/upload files |
schedules:read | View schedules |
schedules:write | Create/modify schedules |
webhooks:manage | Manage webhooks |
Request Example
curl -X GET https://api.cmdop.com/v1/auth/me \
-H "Authorization: Bearer cmdop_xxx..." \
-H "Content-Type: application/json"Response
{
"data": {
"id": "user_abc123",
"email": "[email protected]",
"name": "John Doe",
"plan": "pro",
"permissions": [
"machines:read",
"machines:write",
"commands:execute"
]
}
}Error Responses
Invalid Token
{
"error": {
"code": "unauthorized",
"message": "Invalid or expired API token"
}
}Insufficient Permissions
{
"error": {
"code": "forbidden",
"message": "Token lacks required permission: commands:execute"
}
}Token Security
- Never expose tokens in client-side code
- Use environment variables
- Rotate tokens regularly
- Use minimum required permissions
- Revoke unused tokens
Rate Limits
Per-token limits:
- 1000 requests/minute
- Headers indicate remaining quota
When rate limited (429):
{
"error": {
"code": "rate_limited",
"message": "Rate limit exceeded",
"retry_after": 60
}
}