R
Rankup
Sign in Get Started

Authentication

Rankup uses Supabase Auth for authentication. API requests must include a valid session token in the request headers.

Obtaining a token

Authenticate using your email and password to receive a session token:

POST https://app.rankup.cc/auth/callback
Content-Type: application/json

{
  "email": "you@agency.com",
  "password": "your-password"
}

Using the token

Include the access token in the Authorization header of subsequent requests:

GET https://app.rankup.cc/api/clients
Authorization: Bearer YOUR_ACCESS_TOKEN

Token refresh

Access tokens expire after 1 hour. Use the refresh token to obtain a new access token without re-authenticating. The Supabase client libraries handle this automatically.

Permissions

API requests respect the same role-based permissions as the dashboard. A Viewer cannot create clients via the API, and a Client Viewer can only access their assigned client's data.