Skip to main content
All API endpoints require authentication using Bearer tokens. This guide explains how to obtain and use tokens.

Getting a Token

You can get an authentication token using the CLI: 
pragma auth login
This opens your browser for authentication. After successful login, your token is stored locally. To view your current token for API calls: 
pragma auth token

Using Tokens

Include your token in the Authorization header of every request: 
curl -H "Authorization: Bearer <your-token>" \
  https://api.pragmatiks.io/resources/

Token Lifecycle

Tokens are JWTs issued by Clerk and have a limited lifetime. The CLI automatically refreshes tokens when needed. If you receive a 401 Unauthorized response, re-authenticate: 
pragma auth login

Request Headers

HeaderRequiredDescription
AuthorizationYesBearer token for authentication
Content-TypeFor POST/PUTapplication/json for JSON bodies, multipart/form-data for file uploads

Example: Authenticated Request

# Set your token
TOKEN=$(pragma auth token)

# List resources
curl -H "Authorization: Bearer $TOKEN" \
  https://api.pragmatiks.io/resources/

Multi-Tenant Isolation

Your token identifies your organization. All API requests are automatically scoped to your organization’s namespace. You cannot access resources belonging to other organizations.

Error Responses

StatusMeaning
401 UnauthorizedMissing or invalid token
403 ForbiddenToken valid but lacks permission for the requested operation
{
  "detail": "Not authenticated"
}

Next Steps

Error Codes

Understand API error responses.

Examples

See curl examples for common operations.