Authentication
Access tokens
The Polaris API authenticates using Bearer tokens. Every request must include the token in the Authorization header:
curl https://polaris.revlv.com/v1/devices \
-H "Authorization: Bearer {token}" \
Tokens are workspace-scoped — requests only return data belonging to that workspace. Tokens are prefixed with polaris_ and do not expire by default.
Generate a token in the Polaris dashboard under Settings → API Tokens.
Keep your token secret. If you suspect it has been compromised, revoke it immediately from the dashboard and issue a new one.
Headers
| Header | Required | Description |
|---|---|---|
Authorization | Yes | Bearer {token} |
Error responses
| Status | Meaning |
|---|---|
401 Unauthorized | Token missing, invalid, or expired |
403 Forbidden | Token valid but no access to the resource |
429 Too Many Requests | Rate limit exceeded — see Retry-After header |