Authentication

Signing in does a real cryptographic handshake. Your private key stays on your device — nothing secret crosses the wire.

Browser sign-in

Head to /login and paste in your tenant ID, API key, and private key. The browser runs the handshake automatically via the Web Crypto API. Your private key sits in browser memory and never gets transmitted.

Sessions last 1 hour by default and survive page refreshes and server restarts.

How it works

A Diffie-Hellman key exchange sets up a secure session:

  1. Your browser generates a temporary keypair.
  2. The server generates its own.
  3. Both sides derive the same session key.
  4. Your browser derives a wrapping key from your private key.
  5. The wrapping key is sent to the server, encrypted with the session key.
  6. The server caches it in memory for the length of the session.

The wrapping key is what encrypts and decrypts your data. It comes out of a one-way function — even if someone walked off with it, they couldn’t recover your private key from it.

CLI tool

The dispatched CLI handles auth, workflows, and secrets from your terminal. See the CLI docs for install and usage.

API access without the CLI

If you can’t use the CLI, you’ll need to implement the DH handshake in your client. See the API Reference for the session endpoints:

  1. POST /api/session — start the handshake with your ephemeral public key
  2. POST /api/session/confirm — finish it and get a session token back

Then include the token on every request:

Dispatched-Session: dst_sess_...

Multiple tenants

You can be signed into several tenants at once. Use the tenant switcher in the sidebar to jump between them or add another.

Run sessions

Every workflow run gets a short-lived session token (dst_run_...) that’s good for 24 hours. It’s available in expressions as {{ run.session }}, and you can use it to authenticate webhook callbacks from external services.

Pass it as a query parameter when you can’t set a custom header:

https://dispatched.work/workflows/my_webhook?dispatched_session=dst_run_abc123

This is the escape hatch for services like payment providers that need to call back into your run. The run session carries the same tenant context and encryption keys as your main session.

Session lifecycle

  • Browser sessions expire after 1 hour
  • Run sessions expire after 24 hours
  • Extend a browser session with POST /api/session/refresh
  • Signing out ends the active tenant’s session
  • If you’re signed into multiple tenants, signing out flips you to the next one