Authentication
VisiHub uses passwordless authentication. Instead of managing passwords, you sign in with a magic link sent to your email.
Magic links
Section titled “Magic links”When you sign in:
- Enter your email address on the login page.
- VisiHub sends a one-time magic link to your inbox.
- Clicking the link authenticates your session.
Magic links expire after 15 minutes and can only be used once.
JWT tokens
Section titled “JWT tokens”After authenticating via a magic link, VisiHub issues a JWT (JSON Web Token) for subsequent API requests. The token is included in the Authorization header:
Authorization: Bearer <token>Tokens are short-lived and automatically refreshed by the VisiHub client libraries.
API authentication
Section titled “API authentication”For programmatic access, include your JWT token in the Authorization header of every request:
curl -H "Authorization: Bearer <token>" \ https://api.visihub.com/v1/filesVisiGrid integration
Section titled “VisiGrid integration”The VisiGrid CLI and desktop app handle authentication automatically. After running visigrid session login, your credentials are stored locally and used for all VisiHub operations.
Security notes
Section titled “Security notes”- All authentication traffic is encrypted over HTTPS.
- Magic links are single-use and time-limited.
- JWT tokens are signed server-side and validated on every request.
- Sessions can be revoked from your account settings.