Authentication
Authentication
Use dashboard-issued bearer tokens for REST and MCP access.
Authentication
Relentless Identity uses Personal Access Tokens generated in the dashboard.
Bearer authentication
Send your token in the Authorization header:
Authorization: Bearer relid_pat_...
Where to get a token
Generate a token from the dashboard on the Personal Access Token page.
What the token is used for
- Direct REST requests to
client/attempt,client/probe, andclient/probe/batch - Direct REST requests to account and background job endpoints such as
client/usage,client/history, andclient/jobs/* - MCP installation and authenticated MCP tool calls
Scope expectations
Dashboard-issued bearer tokens are the normal way to authenticate both REST and MCP traffic.
For MCP OAuth installations, the current grouped capability scopes are:
mcp:identitymcp:accountmcp:jobs
Those grouped scopes map to the MCP tool families rather than to individual tool names.
Keep in mind
- Tokens are shown once when issued or rotated.
- If you rotate a token, update any saved REST or MCP configuration that uses it.
- Treat tokens like passwords and store them in your normal secret management workflow.
- A valid token does not override temporary synchronous capacity limits. If the API returns
429, retry later or switch to a background job endpoint.
Quick links
Browse the docs
Start with the overview, move into authentication and implementation details, then keep the reference pages nearby while you build.
Agent-ready docs
Copy this page or hand an agent `llms.txt`
Copy the current page as Markdown, or copy `llms.txt` when you want to give an assistant a clean index of the docs, reference, and related pages.
Companion routes
Reference, pricing, and access
Jump from the guides into the live API reference, pricing, or token management when you are ready to move from evaluation to production use.