Console
Authentication
Sign in to the Console with your UPGREAT Identity account. The control-plane API is then called on your behalf with a short-lived bearer token.
Signing in
Sign in to the Console at app.upgreat.ai with your UPGREAT Identity account. Your session is managed for you and stays signed in until it expires.
Two-factor authentication
Set up 2FA under Settings → Security for stronger account protection.Calling the API
Requests to api.upgreat.ai are authorized with a bearer token issued by UPGREAT Identity when you sign in, sent in the Authorization header. The token identifies you and carries the roles and policies that decide what you may do.
Programmatic access (pilot)
During the pilot the Console drives the control-plane API for you with your signed-in session. If you need to callapi.upgreat.ai directly from your own scripts or services, talk to your UPGREAT contact about the right credential — it is being finalized.curl https://api.upgreat.ai/v1/orgs \
-H "Authorization: Bearer <access-token>"GET /v1/orgs lists the organizations you belong to — a good first call to confirm a token works.
Two different credentials
The control-plane API (api.upgreat.ai) uses your UPGREAT Identity session token. The LLM inference API (llm.upgreat.ai) uses a project inference key. They are not interchangeable.Permissions
Access is enforced server-side from your role and any IAM policies attached to you. A call you are not allowed to make returns 403 Forbidden. See Members & roles and Policies for how access is granted.