
Authentication

CloudSigma supports two authentication methods. Use API keys for programmatic integrations (scripts, CI/CD pipelines) and JWT tokens for browser-based access.

API keys are available on Pro, Team, and Enterprise tiers. Keys provide the same access as JWT tokens without needing to implement the Cognito sign-in flow.

Key Format

csk_live_<32 hex characters>

Example: csk_live_a1b2c3d4e5f67890abcdef1234567890
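
Because every key follows this fixed pattern, a secret scanner can catch one before it lands in a repository, CI log or ticket. The following is an added example, not CloudSigma code: it scans text for strings in the documented format and reports them masked. The variable name CLOUDSIGMA_KEY, the sample input and the four-digit mask length are assumptions made for the illustration.

```python
import re

# Pattern from the documented key format: "csk_live_" + 32 hex characters.
# Assumption: hex digits may be either case; the page only shows lowercase.
KEY_RE = re.compile(r"(?<![0-9A-Za-z_])csk_live_[0-9a-fA-F]{32}(?![0-9a-fA-F])")

# The sample key printed in the documentation; reported, but flagged as known.
DOC_EXAMPLE_KEYS = {"csk_live_a1b2c3d4e5f67890abcdef1234567890"}


def mask(key, keep=4):
    """Return a log-safe form: literal prefix plus the first `keep` hex digits.

    `keep` is an arbitrary choice here, not the dashboard's prefix length.
    """
    head = len("csk_live_") + keep
    return key[:head] + "*" * (len(key) - head)


def scan(text, source="<input>"):
    """Find keys in the documented format; never return the full secret."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in KEY_RE.finditer(line):
            key = match.group(0)
            findings.append({
                "source": source,
                "line": lineno,
                "key": mask(key),
                "doc_example": key.lower() in DOC_EXAMPLE_KEYS,
            })
    return findings


# Constructed sample input (no real keys; CLOUDSIGMA_KEY is a hypothetical name).
SAMPLE = """\
export CLOUDSIGMA_KEY=csk_live_0123456789abcdef0123456789abcdef
headers = {"Authorization": "Bearer csk_live_YOUR_KEY_HERE"}
curl -H "Authorization: Bearer csk_live_a1b2c3d4e5f67890abcdef1234567890"
token=csk_live_0123456789abcdef   # too short, not a key
"""

if __name__ == "__main__":
    for finding in scan(SAMPLE, "sample.env"):
        print(finding)
```

A check like this fits a pre-commit hook or a CI step; a hit that is not the documentation sample should be treated as a leaked key and revoked.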

Creating an API Key

Go to Account → API Keys in the CloudSigma web app.

Create a new key

Click Create API Key and give it a descriptive name (e.g., “CI Pipeline” or “SOAR Integration”).

Copy the key

The full key is displayed once. Copy it and store it securely. The dashboard shows only the prefix after creation.

You can also create keys via the API (requires JWT authentication):

curl -X POST https://cloudsigma.a13e.com/v1/api-keys \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name": "CI Pipeline"}'

Using an API Key

Include the key as a Bearer token in the Authorization header:

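curl https://cloudsigma.a13e.com/v1/usage \
  -H "Authorization: Bearer csk_live_a1b2c3d4e5f67890abcdef1234567890"

import requests

# Send the API key as a Bearer token in the Authorization header.
headers = {"Authorization": "Bearer csk_live_YOUR_KEY_HERE"}
response = requests.get(
    "https://cloudsigma.a13e.com/v1/usage",
    headers=headers,
    timeout=10,  # do not hang indefinitely on a stalled connection
)
response.raise_for_status()  # surface 401, 403 and 429 as exceptions
print(response.json())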

Key Management

| Action | Endpoint | Auth |
| --- | --- | --- |
| Create key | POST /v1/api-keys | JWT only |
| List keys | GET /v1/api-keys | JWT only |
| Revoke key | DELETE /v1/api-keys/{prefix} | JWT only |

API key management endpoints require JWT authentication — you cannot manage keys using another API key. This prevents compromised keys from creating new ones.

Rate Limits

Each API key has a configurable daily request limit. The default is 250 requests per day. When exceeded, the API returns 429 Too Many Requests.

JWT Tokens (Web Application)

JWT tokens are used by the CloudSigma web application. They are obtained through the Cognito sign-in flow and expire after 1 hour.

Sign-In Flow

  1. User submits email and password to Cognito
  2. Cognito returns an access token, ID token, and refresh token
  3. The access token is sent as a Bearer token with each API request
  4. When the access token expires, the SDK automatically refreshes it using the refresh token

Using a JWT Token

curl https://cloudsigma.a13e.com/v1/usage \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIs..."

Token Details

| Property | Value |
| --- | --- |
| Issuer | Cognito User Pool |
| Expiry | 1 hour |
| Refresh | Automatic via refresh token |
| Custom claims | custom:tier, custom:teamId |

Authentication Errors

| HTTP Status | Error Code | Meaning |
| --- | --- | --- |
| 401 | Unauthorized | Missing or invalid token |
| 403 | Forbidden | Valid token but insufficient permissions |
| 429 | RateLimitExceeded | API key daily limit exceeded |