Exchange an Automation Secret

Exchange an automation secret for an access token.

Best for Automation developer and Workspace manager Updated April 3, 2026

API In this interface

4 steps Steps

1 examples Examples

Use this path when

Exchange the automation secret for an access token before calling scoped workspace APIs.

What you'll finish here

Use the right credential in the right place.
Mint a short-lived access token safely.
Know when to repeat the exchange.

Where this happens

Label	Value	Notes
Endpoint	POST /api/v1/automation-auth/exchange	Automation secret exchange endpoint.

Same Task, Other Interfaces

Use the version that matches where you are working now. The subject matter stays the same; the delivery changes by surface.

Exchange an Automation Secret Current path

API

Follow the REST API version of this task.

Exchange an Automation Secret Alternate path

CLI

Follow the CLI version of this task.

Keep this boundary clear

The long-lived automation secret is not the token you should keep reusing on normal resource endpoints.

Do the work

1. Send the long-lived automation secret as the bearer token in the `Authorization` header.
2. Read the returned short-lived access token and expiry timestamp.
3. Use the short-lived access token on resource endpoints such as `/api/v1/workspaces/{workspaceId}/tasks` or `/api/v1/workspaces/{workspaceId}/projects`.
4. Repeat the exchange when the short-lived token expires.

Exchange an automation secret

bash

curl -X POST http://localhost:5173/api/v1/automation-auth/exchange   -H 'authorization: Bearer blg_auto_secret_here'

Keep Going in Automation and Agents

Stay in the same interface and move to the next closest task in this topic when needed.

API Automation and Agents

List Automations

Review the current workspace automations before you create, update, or rotate one.

4 steps

API Automation and Agents

Create an Automation

Create the workspace automation boundary, issue the automation secret, and store that secret safely because it is only shown once.

4 steps

API Automation and Agents

Update an Automation

Change automation metadata, team boundaries, scopes, or suspension state without recreating the automation.

4 steps

API Automation and Agents

Rotate an Automation Secret

Issue a new automation secret when the old one should no longer be trusted, then replace it everywhere the old secret was used.

4 steps

API Automation and Agents

List Visible Agents

Review the current visible agent bindings before creating a new agent or editing an existing one.

4 steps

API Automation and Agents

Create a Visible Agent

Create a named visible agent under an existing installation so activity, assignees, and attribution can point to a meaningful product actor.

4 steps

API Automation and Agents

Update a Visible Agent

Change a visible agent name, team scope, role, or suspension state without recreating the binding.

4 steps

Nearby Guides

These guides stay close to the current workflow so you can keep moving without restarting discovery.

API Automation and Agents

Create an Automation

Create the workspace automation boundary, issue the automation secret, and store that secret safely because it is only shown once.

4 steps