Authentication

The Catalyst API supports personal access tokens (PAT) and OIDC for keyless CI auth.

Personal access tokens

Send your token as a bearer header:

curl https://api.catalyst.dev/v1/artifacts \
  -H "Authorization: Bearer $CATALYST_TOKEN"

Exchange a CI-issued OIDC token for a short-lived Catalyst session — no static secrets needed.

POST /v1/auth/oidc
{
  "audience": "catalyst",
  "token": "<oidc-jwt>"
}