Membrane Token
The main way to authenticate. Sign a JWT with your workspace key and secret. You can find your workspace key and secret on the Access page in Console Settings.Token fields
Public/Private Key Signing
For stronger security, you can sign tokens with a public/private key pair instead of a shared secret. Pass the private key to the sign method and provide the public key in the workspace settings. Use any asymmetric algorithm:ES256, RS256, PS256, etc.
Test Token
For quick testing, get a pre-generated test token from the Access page in Console Settings.Long-lived Tokens
For tokens that don’t expire, create a Long-lived Token on the Access page in Console Settings under the Client Tokens section.Workspace Management Token
For administrative operations that affect the entire workspace — managing tenants, updating workspace settings, importing/exporting configuration, and other operations that aren’t scoped to a single tenant. IncludeisAdmin: true in the token payload and omit tenantKey: