The Qoder Cloud Agents API uses a Personal Access Token (PAT) for authentication. All API requests must include a valid PAT in the HTTP header.
Get a PAT
Sign in to the Qoder CN Console.
Go to Settings → API Tokens.
Click Create Token and set a name and scopes.
Copy the generated token (it is displayed only once) and store it securely.
A PAT starts with the pt- prefix, for example pt-your-token-here. Never commit your token to code repositories or share it publicly.
Bearer header format
Pass the PAT in the Authorization header using the Bearer scheme:
Authorization: Bearer pt-your-token-here
Example request:
# Get the agent list
curl -s "https://api.qoder.com.cn/api/v1/cloud/agents" \
-H "Authorization: Bearer $QODER_PAT"
Environment variable configuration
Store your PAT as an environment variable to avoid hard-coding it:
# Add to ~/.bashrc or ~/.zshrc
export QODER_PAT="pt-your-token-here"
# Verify the configuration
curl -s "https://api.qoder.com.cn/api/v1/cloud/agents?limit=1" \
-H "Authorization: Bearer $QODER_PAT"
Security recommendations
Create separate PATs for your development, testing, and production environments.
Rotate your tokens regularly.
Apply the principle of least privilege when assigning token scopes.
If a token is compromised, revoke it immediately on the console.