Reggie write endpoints require an Arsenal Capability Token (ACT).
POST /v1/entries
Authorization: Bearer act_4f9a2b…
Content-Type: application/json
ACTs are short-lived (15 min default), scoped (one or more mars.publish.*
capabilities), and bound to a specific identity DID.
Issuing an ACT
reggie token issue --scope mars.publish.skill --ttl 15m
# act_4f9a2b…
Or programmatically via Arsenal:
curl -X POST https://arsenal.l1fe.ai/v1/tokens \
-H "Authorization: Bearer <root-act>" \
-d '{ "scopes":["mars.publish.skill"], "ttlSeconds":900 }'
Read endpoints are public — no auth required, but rate-limited per IP.