Skip to main content

Device code flow

Used by the celerflow login CLI command.
1

Request a device code

POST /cli
{ "action": "device-code" }
Returns device_code, user_code, and verification_url.
2

User authorizes

User visits verification_url, signs in with Google, enters the code.
3

Poll for token

POST /cli
{ "action": "device-token", "device_code": "abc123" }
Poll until the user authorizes. Returns a user access token on success.

Bootstrap tokens

Agents receive a bootstrap token on connection via celerflow connect. This token:
  • Authenticates health reports, trace ingestion, and policy queries.
  • Rotates automatically — the plugin handles this.
  • Is scoped to a single agent and workspace.

API keys

For programmatic access, create API keys from Settings → API Keys:
  • Keys are prefixed with cf_ for identification.
  • Keys can be scoped to a specific agent or team.
  • Revoke keys instantly from the dashboard.

Using tokens

curl -H "Authorization: Bearer YOUR_TOKEN" \
  https://api.celerflow.ai/functions/v1/fleet