LynxPromptLynxPrompt

Authentication

Learn how to generate API tokens and authenticate your requests to the LynxPrompt API.

Token Format

LynxPrompt API tokens use the lp_ prefix for easy identification:

lp_aBcDeFgHiJkLmNoPqRsTuVwXyZ123456

Tokens are 36 characters long: 3-character prefix + 33 random alphanumeric characters.

Creating API Tokens

1

Navigate to Settings

Go to Settings and scroll to the "API Tokens" section.

2

Click "Generate New Token"

Enter a descriptive name for your token (e.g., "CI/CD Pipeline" or "Local Dev").

3

Select Role

Choose the appropriate role based on what the token needs to do:

  • BLUEPRINTS_FULL - For syncing blueprints from CI/CD (recommended)
  • BLUEPRINTS_READONLY - For read-only scripts
  • PROFILE_FULL - For profile management apps
  • FULL - Full access (use sparingly)
4

Set Expiration

Choose how long the token should be valid (1 week to 1 year). Shorter expiration is more secure.

5

Copy Your Token

The full token is shown only once. Copy it immediately and store it securely.

Security Best Practices
  • • Never commit API tokens to version control
  • • Use environment variables or secret managers
  • • Create separate tokens for different use cases
  • • Revoke tokens immediately if compromised
  • • Use the minimum required role for each token

Using API Tokens

Include your token in the Authorization header as a Bearer token:

curl -X GET https://lynxprompt.com/api/v1/blueprints \
     -H "Authorization: Bearer lp_your_token_here" \
     -H "Content-Type: application/json"

Example: List Your Blueprints

# Set your token as an environment variable
export LYNXPROMPT_API_TOKEN="lp_your_token_here"

# List all your blueprints
curl -H "Authorization: Bearer $LYNXPROMPT_API_TOKEN" \
     https://lynxprompt.com/api/v1/blueprints

Response:

{
  "blueprints": [
    {
      "id": "bp_abc123xyz",
      "name": "My React Config",
      "description": "Configuration for React projects",
      "visibility": "private",
      "platform": "cursor",
      "createdAt": "2025-01-15T10:30:00.000Z",
      "updatedAt": "2025-01-20T14:45:00.000Z"
    }
  ],
  "total": 1
}

Error Responses

401 Unauthorized- Missing or invalid token
{ "error": "Missing or invalid API token" }
401 Unauthorized- Expired token
{
  "error": "Token expired",
  "expired_at": "2025-01-15T10:30:00.000Z"
}
401 Unauthorized- Revoked token
{ "error": "Token has been revoked" }
403 Forbidden- Insufficient permissions
{ "error": "Insufficient permissions for this action" }

Revoking Tokens

To revoke a token, go to Settings → API Tokens and click the "Revoke" button next to the token you want to disable. Revoked tokens stop working immediately.