Scoped Auth
Define auth once, reuse it everywhere. The @auth directive now supports file, global, and none scopes, so you no longer have to repeat the same auth on every request.
Scopes:
@auth bearer ...or@auth request bearer ...- applies to one request@auth file bearer ...- inherited by later requests in the same document@auth global bearer ...- inherited workspace-wide@auth none- disables inherited auth for one request
Precedence:
- request-scoped auth wins over file and global auth
- file-scoped auth wins over global auth
Important:
If you define global auth, subsequent requests inherit it unless they opt out with @auth none. That means it is easy to send auth to endpoints that do not need it.
If you want reusable auth without implicit inheritance, define it in a global @patch and opt in per request with # @apply use=....
Example:
# Give later requests in this file the same CLI-backed auth
# @auth file command argv=["gh","auth","token"] cache_key=github-cli
### User profile - inherits file auth automatically
GET https://api.github.com/user
### Repositories - also inherits
GET https://api.github.com/user/repos
### Rate limit - skip inherited auth
# @auth none
GET https://api.github.com/rate_limitWorks with all supported auth types, including basic, bearer, apikey, custom header auth, command, and oauth2.