Authentication
InsightAgent supports authentication for accessing the platform and API.
Web Application Login
Sign in to the web application at app.insightagent.io using:
- Email and password (via Supabase authentication)
API Authentication
For programmatic access, InsightAgent supports two authentication methods:
Bearer Token (JWT)
Use your session token in the Authorization header:
curl -X GET "https://api.insightagent.io/api/interviews" \
-H "Authorization: Bearer <your-jwt-token>"
Tokens are obtained through the web application login flow via Supabase.
API Keys
For server-to-server integrations, use API keys:
curl -X GET "https://api.insightagent.io/api/interviews" \
-H "x-api-key: <your-api-key>"
API keys are currently provisioned by administrators. Contact your account administrator or support@insightagent.io to request an API key.
Security Best Practices
- Never share API keys in client-side code
- Rotate API keys periodically
- Use environment variables to store credentials
Expert Access (Ungated)
Experts joining web interviews do not need to authenticate. They access interviews via unique, secure links:
https://app.insightagent.io/call/{interview-id}/join
These links are tied to specific interviews and allow experts to join without creating an account.