AgentMeshStart free

Getting started

Authentication

AgentMesh uses built-in JWT authentication. You exchange email and password for a short-lived access token and a long-lived refresh token, then send the access token as a bearer token on every request.

Endpoints

POST   /v1/auth/register          create an account
POST   /v1/auth/login             email + password -> token pair
POST   /v1/auth/refresh           refresh token -> new access token
POST   /v1/auth/logout            revoke the session
GET    /v1/auth/me                the current user
PATCH  /v1/auth/me                update your profile
POST   /v1/auth/change-password   change password

Using the token

curl https://app.agent-mesh.org/v1/agents \
  -H "Authorization: Bearer $ACCESS_TOKEN"

Access tokens are short-lived. When one expires, exchange the refresh token at POST /v1/auth/refresh rather than logging in again.

Missing or invalid auth

{"detail": "Authorization header missing"}

Auth endpoints are rate-limited to 5 requests/minute (3/minute for password reset and email verification). Passwords are hashed with bcrypt; a non-ACTIVE account is rejected at token validation.