Authentication

Relentless Identity uses bearer tokens for direct REST and MCP access.

Bearer authentication

Send your token in the Authorization header:

Authorization: Bearer relid_pat_...

Where to get a token

• Generate a token from the dashboard on the Personal Access Token page.
• Or sign in and fund your account through the dashboard crypto checkout if you want a dashboard-managed crypto balance.
• Or buy an accountless prepaid bundle through the x402 crypto payment flow.

What the token is used for

• Direct REST requests to client/attempt, client/probe, and client/probe/batch
• Direct REST requests to account and background job endpoints such as client/usage, client/history, and client/jobs/*
• MCP installation and authenticated MCP tool calls

Scope expectations

Dashboard-issued bearer tokens are the normal way to authenticate both REST and MCP traffic.

Accountless x402 purchases return the same relid_pat_... bearer token format after settlement, so downstream REST and MCP clients do not need a second auth protocol.

For MCP OAuth installations, the current grouped capability scopes are:

• mcp:identity
• mcp:account
• mcp:jobs

Those grouped scopes map to the MCP tool families rather than to individual tool names.

Keep in mind

• Tokens are shown once when issued or rotated.
• If you rotate a token, update any saved REST or MCP configuration that uses it.
• Treat tokens like passwords and store them in your normal secret management workflow.
• A valid token does not override temporary synchronous capacity limits. If the API returns 429, retry later or switch to a background job endpoint.