Authentication

Bleenk cloud uses secure sessions for the web app and separate credentials for automation and third-party connectors. Workspace admins control who can create projects, install connectors, and manage billing.

Sign-in methods

• Email and password with optional two-factor authentication
• Google, GitHub, and other OAuth providers (as enabled for your workspace)
• Team SSO for enterprise workspaces

API tokens

Create workspace API tokens under Settings → API. Use them as Bearer tokens for REST calls (see API reference). Rotate or revoke tokens when people leave the team.

Authorization: Bearer bleenk_live_xxxxxxxx

External & provider keys

• BYOK model keys

  Encrypted provider keys for LiteLLM routing — never shown in chat logs.

• Connector credentials

  MCP and integration tokens encrypted at rest; decrypted only at call time.

• Deploy credentials

  Per-target OAuth or API tokens for Vercel, AWS, and other hosts.

Workspace roles

• Admin — billing, members, connectors, and workspace settings
• Member — create and edit projects they can access
• Viewer — read-only access where granted