Authentication
FreshThe Cloud Phone API supports two authentication methods. You only need to implement one.
Token Verification
The simpler method. Obtain your token from the GEELark client.
Required Request Headers
| Header | Description |
|---|---|
traceId | Version 4 UUID (unique per request) |
Authorization | Bearer <your_token> |
Content-Type | application/json |
How It Works
- Get your token from the GEELark client settings
- Include it in the
Authorizationheader with theBearerprefix - Generate a unique
traceId(UUID v4) for each request
Key Verification
More secure method using HMAC-style signature verification.
Required Request Headers
| Header | Description | Example |
|---|---|---|
appId | Team AppId | eH6gQR4oHr3FsZpI36La01IW |
traceId | Unique request ID (UUID v4) | db6094ab-3797-4186-84d5-b0b58eebad56 |
ts | Timestamp in milliseconds | 1716972892166 |
nonce | First 6 characters of traceId | db6094 |
sign | SHA256 signature (uppercase hex) | 6280C080AF7C3CCE... |
Content-Type | application/json | application/json |
Signature Generation
The sign value is generated by:
- Concatenate:
TeamAppId + traceId + ts + nonce + TeamApiKey - Generate SHA256 hash of the concatenated string
- Convert to uppercase hexadecimal
Example
Given ApiKey = YjmFIUuq0oJgSDJ42fxLEb6R1qjjqf:
Input: eH6gQR4oHr3FsZpI36La01IW + db6094ab-3797-4186-84d5-b0b58eebad56 + 1716972892166 + db6094 + YjmFIUuq0oJgSDJ42fxLEb6R1qjjqf
Output: 6280C080AF7C3CCE168F15C913E3444A00A618CB0E16038EED9811D6E3366BDDBrowser API Authentication
The Browser API runs locally on http://localhost:40185 and does not require authentication. The GEELark desktop client must be running and logged in.
WARNING
The Browser API is only accessible from the local machine. Do not expose port 40185 to external networks.