Skip to main content

Generating an API token

  1. Sign in to Enclave
  2. Navigate to Settings → API Tokens
  3. Click New Token
  4. Set a name, expiry, and permission scope
  5. Copy the token — it is shown only once

Token scopes

ScopeAccess
read:roomsList and view rooms
write:roomsCreate, update, archive rooms
read:filesDownload files
write:filesUpload, rename, delete files
read:usersList users and Org Unit memberships
write:usersInvite users, change roles
read:auditExport audit logs
adminFull access (use with caution)

Using a token

curl https://enclave.quelden.com/api/v1/rooms \
  -H "Authorization: Bearer enclv_live_abc123..."

Token format

Tokens are prefixed for easy identification:
  • enclv_live_ — production token
  • enclv_test_ — sandbox token (if enabled)

Revoking a token

Tokens can be revoked at any time from Settings → API Tokens → Revoke. Revocation is immediate — in-flight requests using the token will fail with 401 Unauthorized.

Session tokens vs API tokens

The API also accepts session tokens (cookies) from browser sessions, but these are intended for the Enclave web client only. Use API tokens for programmatic access — session tokens expire and rotate frequently.