Authentication
Anchor API clients authenticate before performing privileged operations.
Token handling
Section titled “Token handling”Keep tokens short-lived where practical, avoid logging credentials or tokens, and restrict token use to the intended automation context.
ANCHOR_TOKEN="$( curl -sS -X POST "$ANCHOR_API/auth/login" \ -H "Content-Type: application/json" \ -d '{"username":"automation-user","password":"replace-with-secret"}' \ | jq -r '.access_token')"Authorization
Section titled “Authorization”Authentication proves identity. Authorization still depends on permissions, scopes, policy, and requested operation.
Operational guidance
Section titled “Operational guidance”Use dedicated service identities for automation instead of sharing personal administrator credentials.