Back to docs
Getting Started
Authentication
BLAZLE uses API keys for programmatic access and JWT-based sessions for the dashboard.
API Key Authentication
All requests to /api/v1/intercept/* must include your API key as a Bearer token:
Authorization: Bearer sk_live_your_api_key
Keys are prefixed sk_live_. Never expose them in client-side code or public repositories. Revoke compromised keys immediately from the dashboard.
Dashboard Sessions (JWT)
The BLAZLE dashboard uses short-lived JWT access tokens (24h expiry) stored in HttpOnly, Secure, SameSite=Strict cookies — inaccessible to JavaScript. Sessions are managed automatically by the browser.
OAuth Login
You can sign in with GitHub or Google:
GET /api/v1/auth/github/login → Redirects to GitHub OAuth GET /api/v1/auth/google/login → Redirects to Google OAuth