Skip to main content
The Qoder Cloud Agents API uses Personal Access Tokens (PATs) for authentication. Every API request must include a valid PAT in the HTTP headers.

Obtaining a PAT

  1. Sign in to the Qoder console.
  2. Open Settings → API Tokens.
  3. Click Create token and configure the name and scopes.
  4. Copy the generated token. The full value is shown only once—store it securely.
PATs are prefixed with pt-, e.g. pt-your-token-here. Never commit tokens to source control or share them.

Bearer header format

Pass the PAT in the Authorization header of every request as a bearer token: 
Authorization: Bearer pt-your-token-here

Full request example

# List Agents
curl -s https://api.qoder.com/api/v1/cloud/agents \
  -H "Authorization: Bearer $QODER_PAT"
Store the PAT as an environment variable to avoid hard-coding: 
# Add to ~/.bashrc or ~/.zshrc
export QODER_PAT="pt-your-token-here"

# Verify the configuration
curl -s https://api.qoder.com/api/v1/cloud/agents?limit=1 \
  -H "Authorization: Bearer $QODER_PAT"

Security recommendations

  • Use separate PATs for development, staging, and production.
  • Rotate tokens regularly.
  • Apply least-privilege scopes when issuing tokens.
  • Revoke any leaked token immediately from the console.

Overview

How Qoder Cloud Agents fits together.