Authentication & Headers

UMVA AI API Authentication

All UMVA AI API requests require authentication via a Bearer token in the Authorization header. You can generate dedicated AI API keys from your UMVA dashboard.

AI API Keys (umva_ai_ prefix): These are specialized keys used for LLM completions and usage stats only. They can be generated from the dashboard under AI settings and revoked independently from Sanctum tokens.

Request Headers:

Header Value Required
Authorization Bearer umva_ai_YOUR_KEY YES
Content-Type application/json YES
User-Agent umva-ai-editor/1.0 Recommended
X-Request-Id UUID Recommended (for tracing)

Editor Auth Flow (OAuth-like): The IDE uses a browser-based token exchange. Opening https://umva.net/account?redirect=umva-editor://callback redirects the browser to authorize the editor with no manual copy-pasting.