Personal Access Tokens
Authenticate as yourself against the Workspace API using a personal access token instead of a workspace-scoped API key.
Overview
Personal access tokens (PATs) let you call the same Workspace API endpoints that workspace API keys use, but authenticated as your user rather than a shared workspace identity. This is useful for personal scripts, CLI tools, and CI/CD pipelines where actions should be attributed to you.
User-scoped — PATs are tied to your account, not to a single workspace. One token can access any workspace you belong to by passing the X-Workspace-Id header.
Prefixed with gcp_ — easy to identify in logs and environment variables. Workspace API keys use gck_ and agent tokens use gca_.
Optional expiration — tokens can be created with a 30-, 60-, 90-day, or 1-year expiry, or with no expiration at all.
Create a token
- Open Account Settings from your profile menu.
- Scroll to the Personal Access Tokens section.
- Click Create a personal access token.
- Enter a descriptive name (e.g. “CLI”, “CI/CD pipeline”, “Script”).
- Choose an expiration period (or leave it as “No expiration”).
- Click Create token. Your token will be displayed once — copy it immediately.
Authenticate
Pass your PAT as a Bearer token in the Authorization header, just like a workspace API key:
curl -H "Authorization: Bearer gcp_YOUR_TOKEN" \
-H "X-Workspace-Id: YOUR_WORKSPACE_ID" \
https://groupchat.ai/api/v1/tasksThe server identifies the token type by its prefix and resolves your user identity automatically.
Specifying the workspace
Because a PAT is tied to your user account — not a specific workspace — you must tell the API which workspace to operate on. Include the X-Workspace-Id header with every request:
X-Workspace-Id: <your-workspace-id>
You can find your workspace ID in the URL when viewing any project (the first path segment after /workspace/), or from the workspace settings page.
Examples
List tasks
curl -H "Authorization: Bearer gcp_YOUR_TOKEN" \
-H "X-Workspace-Id: YOUR_WORKSPACE_ID" \
https://groupchat.ai/api/v1/tasksCreate a task
curl -X POST \
-H "Authorization: Bearer gcp_YOUR_TOKEN" \
-H "X-Workspace-Id: YOUR_WORKSPACE_ID" \
-H "Content-Type: application/json" \
-d '{"title": "Ship new feature", "projectId": "PROJECT_ID"}' \
https://groupchat.ai/api/v1/tasksList projects
curl -H "Authorization: Bearer gcp_YOUR_TOKEN" \
-H "X-Workspace-Id: YOUR_WORKSPACE_ID" \
https://groupchat.ai/api/v1/projectsEnvironment variable setup
# Store in your shell profile or CI secrets
export GROUPCHAT_TOKEN="gcp_YOUR_TOKEN"
export GROUPCHAT_WORKSPACE="YOUR_WORKSPACE_ID"
# Then use in scripts
curl -H "Authorization: Bearer $GROUPCHAT_TOKEN" \
-H "X-Workspace-Id: $GROUPCHAT_WORKSPACE" \
https://groupchat.ai/api/v1/tasksToken lifecycle
Creation
Tokens are created from Account Settings. The full token value is shown exactly once at creation time. Only the first 12 characters (prefix) are stored for display purposes.
Usage tracking
Each time a token is used, the “Last used” date is updated. This helps you identify unused tokens that can safely be revoked.
Expiration
If you set an expiration, the token stops working after that date. Expired tokens are marked in the UI but not automatically deleted — revoke them when convenient.
Revocation
You can revoke any token at any time from Account Settings. Revocation is immediate — any request using the token will fail with a 401 error.
PATs vs workspace API keys
Personal Access Token (gcp_) | Workspace API Key (gck_) | |
|---|---|---|
| Scope | Your user account (all workspaces) | Single workspace |
| Identity | Actions attributed to you | Actions attributed to the API key name |
| Workspace header | Required (X-Workspace-Id) | Not needed (key is workspace-bound) |
| Created from | Account Settings | Workspace Settings |
| Best for | Personal scripts, CLI, CI/CD | Shared integrations, team automations |
API reference
PATs authenticate against the same endpoints as workspace API keys. See the Workspace API Reference for the full list of available endpoints, request/response schemas, and query parameters.