API Authentication¶

Flow APIs use Bearer token authentication.

Getting a Token¶

Option 1: OAuth2 (Recommended)¶

Use the OIDC flow to obtain an access token:

Redirect to Zitadel authorization endpoint
User authenticates
Exchange code for token
Use token in API requests

Option 2: Personal Access Token¶

Request a personal access token from your administrator, or create one in the Admin Console under Account > CLI Tokens.

Using the Token¶

Include the token in the Authorization header:

curlPython

curl -X GET "https://admin.iflow.intelliseq.com/api/v1/projects" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN"

import httpx

headers = {"Authorization": "Bearer YOUR_ACCESS_TOKEN"}
response = httpx.get(
    "https://admin.iflow.intelliseq.com/api/v1/projects",
    headers=headers
)

Project Context (X-Project-ID)¶

Most API endpoints are project-scoped and require an X-Project-ID header with the project's UUID. Without it you will receive a 400 Bad Request error.

Admin-service endpoints do NOT require this header — they operate at the organization or user level.

Getting your Project ID¶

Use the admin-service to list your projects and find the UUID:

curlResponse

curl -X GET "https://admin.iflow.intelliseq.com/api/v1/projects" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN"

[
  {
    "id": "924d3f2-725b-43be-99ba-9641e34fd486",
    "name": "My Project",
    "slug": "my-project",
    "org_id": "c42299b8-ac28-49e8-a3b9-6a808165dad2",
    "org_name": "My Organization",
    "bucket_name": "my-project-bucket"
  }
]

The id field is the value to use as X-Project-ID.

Making project-scoped requests¶

curlPythonJava

curl -X GET "https://miner.iflow.intelliseq.com/api/v1/orders" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "X-Project-ID: 924d3f2-725b-43be-99ba-9641e34fd486"

import httpx

headers = {
    "Authorization": "Bearer YOUR_ACCESS_TOKEN",
    "X-Project-ID": "924d3f2-725b-43be-99ba-9641e34fd486",
}
response = httpx.get(
    "https://miner.iflow.intelliseq.com/api/v1/orders",
    headers=headers
)

HttpURLConnection conn = (HttpURLConnection) new URL(url).openConnection();
conn.setRequestMethod("GET");
conn.setRequestProperty("Authorization", "Bearer " + token);
conn.setRequestProperty("X-Project-ID", projectId);
conn.setRequestProperty("Accept", "application/json");

Which services require X-Project-ID?¶

Service	X-Project-ID required?
Admin (`admin.iflow.intelliseq.com`)	No
Miner (`miner.iflow.intelliseq.com`)	Yes
Compute (`compute.iflow.intelliseq.com`)	Yes
Files (`files.iflow.intelliseq.com`)	Yes

Token Expiration¶

Access tokens expire after 1 hour. Use refresh tokens to obtain new access tokens without re-authenticating.

Error Responses¶

Status	Meaning	Common cause
400	Bad request	Missing `X-Project-ID` header on a project-scoped endpoint
401	Not authenticated	Missing, invalid, or expired token
403	Forbidden	Token valid but insufficient permissions for this resource