The Modus API authenticates requests using a bearer token in the
Authorization header. Every request must include a valid token.
curl https://api.staging.getmodus.com/api/v1/agents \
-H "Authorization: Bearer $MODUS_TOKEN"
Personal Access Tokens
For server-to-server and third-party integrations, use a Personal Access
Token (PAT). A PAT has the form:
modus_<orgUuid>_<prefix>_<secret>
- Store it in a secret manager or environment variable — never commit it.
- Scope it to the minimum access the integration needs.
- Rotate it if it is ever exposed.
The secret portion of a PAT is shown only once at creation time. If you lose
it, create a new token and revoke the old one.
Using the token in the playground
The interactive playground in the API Reference sends the
token you provide as a bearer credential, so you can try endpoints against the
staging environment without writing any code.