I’m trying to update my command line tool, https://github.com/kevinburke/go-circle, with the new Workflows API, which makes POST requests to a new https://circleci.com/query-api endpoint. I’ve figured out the transit encoding format, but I can’t figure out how to authenticate.
I’ve tried sending my token both as part of a Basic Authentication header, and using the old ?circle-token=token format, but no luck.
The frontend authenticates with a “ring-session-id” cookie. I would rather not authenticate by making requests to the website to get a session ID, CSRF token and then sending that back to the API, but I would if need be.
Is there any easier way to authenticate to the API?