Console

Authentication

Sign in to the Console with your UPGREAT Identity account. The control-plane API is then called on your behalf with a short-lived bearer token.

Signing in

Sign in to the Console at app.upgreat.ai with your UPGREAT Identity account. Your session is managed for you and stays signed in until it expires.

Two-factor authentication

Set up 2FA under Settings → Security for stronger account protection.

Calling the API

Requests to api.upgreat.ai are authorized with a bearer token issued by UPGREAT Identity when you sign in, sent in the Authorization header. The token identifies you and carries the roles and policies that decide what you may do.

Programmatic access (pilot)

During the pilot the Console drives the control-plane API for you with your signed-in session. If you need to call api.upgreat.ai directly from your own scripts or services, talk to your UPGREAT contact about the right credential — it is being finalized.
Authorized request
curl https://api.upgreat.ai/v1/orgs \
  -H "Authorization: Bearer <access-token>"

GET /v1/orgs lists the organizations you belong to — a good first call to confirm a token works.

Two different credentials

The control-plane API (api.upgreat.ai) uses your UPGREAT Identity session token. The LLM inference API (llm.upgreat.ai) uses a project inference key. They are not interchangeable.

Permissions

Access is enforced server-side from your role and any IAM policies attached to you. A call you are not allowed to make returns 403 Forbidden. See Members & roles and Policies for how access is granted.