workthin
workthin
PricingBlogChangelogOverviewQuick StartConcepts

AuthenticationEndpointsDetail LevelsError Codes

Docs for LLMs

llms.txtllms-full.txt
REST API

Base URL

https://workthin.app/api/v1

API Key Authentication

For programmatic access, use an API key as a Bearer token.

Generate an API Key

  1. Open the workthin web UI
  2. Navigate to Settings > API Keys
  3. Click Create Key
  4. Copy the key (shown only once)

API keys use the wt_ prefix (e.g. wt_a1b2c3d4e5f6g7h8i9j0).

Usage

Include the key in the Authorization header:

curl https://workthin.app/api/v1/knowledge \
  -H "Authorization: Bearer wt_a1b2c3d4e5f6g7h8i9j0"

Revoke a Key

Navigate to Settings > API Keys and click Revoke next to the key. Revoked keys return 401 Unauthorized immediately.

Cookie-Based Authentication (Supabase)

The web UI uses Supabase cookie-based authentication. This is handled automatically by the browser — no manual configuration needed.

Device Code Flow (CLI)

The CLI uses a device code flow for authentication:

  1. wt login generates a device code
  2. User opens the verification URL in a browser
  3. User enters the code and signs in
  4. CLI receives and stores credentials in ~/.workthin/config.json

Endpoints

MethodPathDescription
POST/auth/device-codeRequest a new device code
POST/auth/device-tokenPoll for token after user authorization

Key Scopes

Keys inherit the permissions of the user who created them. A key created by a project admin can access project-scoped knowledge.

Skills & Commands

Slash commands for AI tools — /workthin to capture knowledge, /workthin-search to find existing solutions.

Endpoints

Base URL and complete endpoint reference for the workthin REST API.

On this page

Base URLAPI Key AuthenticationGenerate an API KeyUsageRevoke a KeyCookie-Based Authentication (Supabase)Device Code Flow (CLI)EndpointsKey Scopes