Authentication
Browser Forest uses API Key authentication. Include your key via the X-API-Key header on every request. API keys start with bf_live_ and never expire.
Login
POST /v1/auth/login
{
"email": "[email protected]",
"password": "yourpassword"
}
# Returns
{
"token": "eyJ...",
"user": { "id": "usr_xxx", "email": "[email protected]" }
}Create an API Key
API Keys start with bf_live_ and are suitable for long-term use in code.
POST /v1/auth/api-keys
X-API-Key: <api_key>
{
"name": "production-key"
}
# Returns
{
"id": "xxx",
"name": "production-key",
"key": "bf_live_xxxxxxxxxxxxxxxxxxxx",
"createdAt": "2024-01-01T00:00:00Z"
}Note: The API Key is returned only once upon creation. Store it securely.
List API Keys
GET /v1/auth/api-keys
X-API-Key: <api_key>
# Returns
[
{ "id": "xxx", "name": "production-key", "createdAt": "..." }
]Revoke an API Key
DELETE /v1/auth/api-keys/:id
X-API-Key: <api_key>Authentication Method
Include your API Key in the header of every request:
X-API-Key: bf_live_xxxxxxxxxxxxxxxxxxxx| Header | Prefix | Expiry | Usage |
|---|---|---|---|
| X-API-Key | bf_live_ | Permanent | All API requests |