Cloud authentication
Cloud requests use bearer authentication:
Authorization: Bearer vued_live_...
| Token | Use |
|---|
| Supabase JWT | Full user-session access. |
| Public API key | vued_live_... key scoped to one org and explicit scopes. |
client = Vued(api_key="vued_live_...", org_id="org_uuid")
Public API key scopes
| Scope | Grants |
|---|
records:read | Read fallback for meetings, transcripts, files, speakers, rooms, and users. |
meetings:read | Meeting audio and semantic meeting references. |
transcripts:read | Semantic search and transcript audio. |
files:read | File and folder reads, grants, and downloads. |
files:write | File and folder create, update, grant, and revoke. |
speakers:read | Speaker profile reads. |
rooms:read | Room and microphone reads. |
rooms:write | Room create and update. |
users:read | Organization user reads. |
webhooks:read | Webhook reads. |
webhooks:write | Webhook create, update, and delete. |
api_keys:read | Public API key reads. |
api_keys:write | Public API key create and revoke. |
org:<org_uuid> | Restricts a key to one org. |
Local desktop authentication
The desktop app writes a local discovery file that contains the local API URL and a runtime bearer token. The Python SDK reads this automatically.
Discovery order:
VUED_LOCAL_API_URL plus VUED_LOCAL_API_TOKENVUED_LOCAL_API_DISCOVERY- OS app-support
local-api.json under Vued Dev, Vued, vued-web, or legacy Electron
Discovery file shape:
{
"host": "127.0.0.1",
"port": 39391,
"pid": 12345,
"version": 1,
"profile": "prod",
"authToken": "run-local-secret",
"startedAt": 1782345600000
}
Never commit public API keys, local desktop tokens, webhook secrets, OAuth tokens, or .env files.