> ## Documentation Index
> Fetch the complete documentation index at: https://docs.fucksornot.com/llms.txt
> Use this file to discover all available pages before exploring further.

# API Tokens

> Generate and manage API tokens for programmatic access

API tokens provide long-lived authentication for scripts and integrations.

## Generate Token

Create a new API token.

### Request

```bash theme={null}
curl -X POST https://fucksornot.com/api/auth/tokens/generate \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name": "Upload Script"}'
```

### Response

```json theme={null}
{
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "token": "7f3a9c2e1b8d4f6a0c5e3b7d9a1f2c4e6b8d0a3c5e7f9b1d3a5c7e9f0b2d4f6a",
  "name": "Upload Script",
  "expiresAt": "2026-01-24T00:00:00Z"
}
```

<Warning>
  The `token` value is only shown once. Store it securely as it cannot be retrieved later.
</Warning>

***

## List Tokens

Get all API tokens for your account.

### Request

```bash theme={null}
curl https://fucksornot.com/api/auth/tokens \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"
```

### Response

```json theme={null}
[
  {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "name": "Upload Script",
    "created_at": "2025-01-24T00:00:00Z",
    "last_used_at": "2025-01-24T12:00:00Z",
    "expires_at": "2026-01-24T00:00:00Z"
  }
]
```

<Note>
  The token value is not included in the list response for security.
</Note>

***

## Revoke Token

Delete a token to revoke its access.

### Request

```bash theme={null}
curl -X DELETE https://fucksornot.com/api/auth/tokens/TOKEN_ID \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"
```

### Response

```json theme={null}
{
  "success": true
}
```

***

## Using API Tokens

Use API tokens with the `/api/v1/upload` endpoint:

```bash theme={null}
curl -X POST https://fucksornot.com/api/v1/upload \
  -H "Authorization: Bearer 7f3a9c2e1b8d4f6a0c5e3b7d9a1f2c4e6b8d0a3c5e7f9b1d3a5c7e9f0b2d4f6a" \
  -F "upload_type=image" \
  -F "description=My upload" \
  -F "file=@image.jpg"
```

## Best Practices

<AccordionGroup>
  <Accordion title="Use descriptive names">
    Name tokens based on their purpose (e.g., "GitHub Action", "Backup Script")
  </Accordion>

  <Accordion title="Rotate regularly">
    Generate new tokens periodically and revoke old ones
  </Accordion>

  <Accordion title="One token per use case">
    Create separate tokens for different integrations so you can revoke individually
  </Accordion>

  <Accordion title="Never commit tokens">
    Use environment variables or secret management tools
  </Accordion>
</AccordionGroup>
