GetABrain.ai

Authentication

GetABrain.ai supports two authentication methods for requestors: API key-based authentication and JWT session-based authentication. Both methods provide full access to the API.

API Key Authentication

The simplest way to authenticate. Include your X-API-Key and X-API-Secret headers with every request. Your key and secret are provided when you create your account.

HeaderDescription
X-API-KeyYour unique API key identifier
X-API-SecretYour API secret (keep this secure, never expose in client-side code)

cURL

curl https://getabrain.ai/api/v1/queries \
  -H "X-API-Key: gab_key_abc123def456" \
  -H "X-API-Secret: gab_secret_xyz789"

Python

import requests

headers = {
    "X-API-Key": "gab_key_abc123def456",
    "X-API-Secret": "gab_secret_xyz789",
}

response = requests.get(
    "https://getabrain.ai/api/v1/queries",
    headers=headers,
)
print(response.json())

Node.js

const response = await fetch("https://getabrain.ai/api/v1/queries", {
  headers: {
    "X-API-Key": "gab_key_abc123def456",
    "X-API-Secret": "gab_secret_xyz789",
  },
});

const data = await response.json();
console.log(data);

JWT Authentication

For session-based workflows, you can authenticate with your email and password to receive a JWT access token. This is ideal for dashboard integrations or when you want short-lived credentials.

Step 1: Login

POST to /api/v1/requestor/auth/login with your email and password:

curl -X POST https://getabrain.ai/api/v1/requestor/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "you@example.com",
    "password": "your_password"
  }'

Response:

{
  "access_token": "eyJhbGciOiJIUzI1NiIs...",
  "token_type": "bearer",
  "expires_in": 86400
}

Step 2: Use the Token

Include the token in the Authorization header as a Bearer token:

cURL

curl https://getabrain.ai/api/v1/queries \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIs..."

Python

import requests

token = "eyJhbGciOiJIUzI1NiIs..."

response = requests.get(
    "https://getabrain.ai/api/v1/queries",
    headers={"Authorization": f"Bearer {token}"},
)
print(response.json())

Node.js

const token = "eyJhbGciOiJIUzI1NiIs...";

const response = await fetch("https://getabrain.ai/api/v1/queries", {
  headers: {
    Authorization: `Bearer ${token}`,
  },
});

const data = await response.json();
console.log(data);

Security Best Practices

  • Never expose your API secret in client-side code or public repositories
  • Use environment variables to store credentials
  • Rotate your API secret periodically via the dashboard
  • Use JWT tokens for short-lived sessions; they expire after 24 hours
  • Always use HTTPS -- HTTP requests will be rejected