Authentication
How to authenticate with the Vibescaling API
Authentication Methods
Vibescaling supports two authentication methods:
API Key (recommended for integrations)
Create an API key in Settings → API Keys. Include it in the Authorization header:
curl -H "Authorization: Bearer vs_your_api_key" \
https://admin.vibescaling.org/api/v1/postsAPI keys are scoped to your organization. All actions are performed in the context of that org.
Session (dashboard)
The dashboard uses cookie-based session authentication via Supabase Auth. This is handled automatically when you're logged in.
API Keys
API keys start with vs_ and are tied to a specific organization.
Creating an API key
- Go to Settings → API Keys
- Click Create API Key
- Give it a name and copy the key — it won't be shown again
Key properties
- Scoped to one organization
- Can be revoked at any time
- Optional expiration date
- Last-used timestamp tracked automatically
Roles
Organization members have roles that control access:
| Role | Permissions |
|---|---|
| Owner | Full access, billing, delete org |
| Admin | Manage members, settings, content |
| Member | Create and manage content |
| Viewer | Read-only access |
API keys have full access equivalent to the Admin role.