Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.spote.cloud/llms.txt

Use this file to discover all available pages before exploring further.

Every Spote API request must include an Authorization header with your Personal Access Token (PAT). Tokens start with spote_ and are generated from your Settings page. The raw token value is shown only once at creation time — the server stores only a hashed representation.

Getting a token

Generate a Personal Access Token from your Spote Settings page. See Personal Access Tokens for a step-by-step guide.

Using the token

Pass the token as a Bearer token in the Authorization header of every request: 
curl https://your-spote-app.com/api/notes \
  -H "Authorization: Bearer spote_YOUR_TOKEN_HERE"

Token format

Tokens follow the format spote_<32 hex characters>: 
spote_a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4
Each token value is unique and cryptographically random. Spote stores only a secure hash of the token — never the raw value.

Error responses

StatusDescription
401 UnauthorizedThe Authorization header is missing or the token is invalid.
403 ForbiddenThe token is valid but does not have access to the requested resource.
Tokens are shown only once when generated. If you lose a token, revoke it and create a new one.