Developers / API Reference

Session cookies, bearer tokens, and credential handling.

7 categories27 pagesUpdated Jan 1, 1970

# Authentication Cosantoir supports secure session cookies for browser flows and bearer tokens for service calls. ## Browser Sessions - Login issues HTTP-only session cookies. - CSRF protections are required on mutation endpoints. ## Service Tokens ``http Authorization: Bearer <token> `` ## Token Scope Grant least-privilege scopes for automation. Rotate tokens on schedule or incident response.

Last updated Jan 1, 1970