API authentication

Current public method

The current public deployment supports authenticated session access. For browser-backed or operator-backed access, send the authenticated session context with the request. Example:

curl -s \
  -H "Cookie: sb-access-token=<your-session-cookie>" \
  https://dev.meridian7.io/api/v1/navi/agents

Planned credential types

Navi is designed for:

personal access tokens
service API keys

These credentials are not enabled in the current public deployment yet.

Rollout behavior

If token issuance or service-key issuance is not enabled in your deployment, the relevant auth endpoints return 501 not_implemented.

Scope-based access

Navi uses scope-based authorization for public resources. Common scopes include:

agents:read
deals:read
briefings:read
runs:read
runs:write

Recommendations

use session auth today unless your deployment explicitly enables token issuance
keep the returned requestId for debugging and support
handle 401, 403, and 501 distinctly in your client

Overview

CLI

MCP

API

Authentication

API authentication

Current public method

Planned credential types

Rollout behavior

Scope-based access

Recommendations

Overview

CLI

MCP

API

​API authentication

​Current public method

​Planned credential types

​Rollout behavior

​Scope-based access

​Recommendations

API authentication

Current public method

Planned credential types

Rollout behavior

Scope-based access

Recommendations