BahriyaBAHRIYAby Mamluk

Personal Access Tokens

Personal Access Tokens (PATs) let you authenticate with the Bahriya API and CLI without using your browser login. They are commonly used for CI/CD pipelines, scripts, and any automation that needs to interact with your Bahriya resources.

Updated 8 Jun 20262 min read

Personal Access Tokens (PATs) let you authenticate with the Bahriya API and CLI without using your browser login. They are commonly used for CI/CD pipelines, scripts, and any automation that needs to interact with your Bahriya resources.

Creating a token

Go to Tokens in the console (under your user menu) and create a new token. You need to provide:

  • Name — A label so you can identify what the token is used for (e.g. "GitHub Actions", "Local dev").
  • Expiry — Choose "never" for a token that does not expire, or set a number of days.

When the token is created, it is displayed once. Copy it immediately — you will not be able to see it again. If you lose it, delete the token and create a new one.

Token format: pat_ followed by 64 characters.

Using a token

With the Reis CLI

Configure the CLI to use your token:

reis auth login --token pat_your_token_here --api https://api.bahriya.cloud

Or set it as an environment variable:

export REIS_API_TOKEN=pat_your_token_here
export REIS_API_URL=https://api.bahriya.cloud

With the API directly

Include the token in the Authorization header:

Authorization: Bearer pat_your_token_here

Managing tokens

From the Tokens page you can:

  • List all your tokens with their names and expiry dates.
  • Update a token's name or expiry.
  • Delete a token. Deletion is immediate — any pipeline or script using that token will stop working.

Best practices

  • One token per use case. Create separate tokens for each CI/CD pipeline or integration. If one is compromised, you can revoke it without affecting others.
  • Set an expiry for tokens used in CI/CD. Rotate them periodically.
  • Use environment variables rather than hardcoding tokens in config files or scripts.
  • Delete unused tokens. If a pipeline or integration is decommissioned, delete its token.

Limitations

  • You must be signed in to the console (via browser) to create, list, or delete tokens. You cannot manage tokens using a PAT itself.
  • Tokens inherit your permissions — a token can do anything you can do across all organisations you belong to.