Authentication | Cosantoir Docs

Developers / API Reference

Session cookies, bearer tokens, and credential handling.

9 categories51 pagesUpdated Mar 24, 2026

Browse Documentation

Foundation

Getting Started

Introduction Quickstart Architecture Troubleshooting Deployment Models

Platform

Frameworks (SDK)

Next.js Express Hono Bun Deno NestJS SvelteKit Astro Fastify Node.js Nuxt Go Rust Python + FastAPI Python + Flask React Router & Remix Solid Start Koa AdonisJS Elysia

Capabilities

Blueprints

Signup Abuse Protection Global Rate Limiting Bot Fingerprinting

Product

Core Platform

Web App Dashboard Sync Center Account Security

Developers

Developer Tools

API Reference

Overview Authentication Errors Rate Limits Integrations API

Guides

Slack Automation PagerDuty Escalation Webhook Automation Policy Profiles

Operations

Operations

Deployment Checklist Monitoring Incident Response Backup and Restore

Business

Billing and Plans

Pricing Overview Invoices and Refunds Enterprise Contracts

On This Page

No section anchors

# Authentication Cosantoir supports secure session cookies for browser flows and bearer tokens for service calls. ## Browser Sessions - Login issues HTTP-only session cookies. - CSRF protections are required on mutation endpoints. ## Service Tokens ``http Authorization: Bearer <token>`` ## Token Scope Grant least-privilege scopes for automation. Rotate tokens on schedule or incident response.

Last updated Mar 24, 2026

Previous

Overview

Next

Errors