servicetitan/arcade-eval
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: record confirmed headless auth headers (Authorization + Arcade-User-ID)

Browse Source
This commit is contained in:
iztaylor
2026-06-18 10:13:15 -04:00
parent b776157c95
commit dfc7f6a589
3 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
LIVE-POC.md
+4 -1
View File
@@ -40,7 +40,10 @@ Self-hosted on `backstage-wus2-v4` via Flux; vendor Helm chart **1.8.8**
## Live fixtures (filled in Phase 1)
- **Project:** _TBD (Task 1.1)_
- **API key:** _label / last-4 only — never the key (Task 1.1)_
- **Headless auth header convention:** _confirmed in Task 1.1_
- **Headless auth header convention (confirmed via Arcade docs 2026-06-18):** MCP gateway calls use
`Authorization: Bearer <ARCADE_API_KEY>` + `Arcade-User-ID: <user_id>`. The user_id is any stable
string (an email works); this mode is for clients without browser auth / token refresh. Self-hosted
gateway URL: `https://api.arcade.st.dev/mcp/<slug>`. (Source: docs.arcade.dev call-tool-client.)
- **Baseline gateway:** _slug + tool allow-list (Task 1.2)_
- **Shared reference server:** _name + tools echo/whoami/add (Task 1.4)_
- **`whoami` identity field:** _exact field the server reads (Task 1.4 / 2.4)_