The Rad TV API uses a multi-layered authentication system. Almost all operations require a valid Bearer token.
JWT
User sessions (e.g. from Rad web/mobile login).
API key
Programmatic and MCP access; generated from a JWT
DID
Canonical public identifier for channels and content (e.g. did:rad.live:channel/<uuid>).
did:rad.live:channel/<uuid>
Send the token on every request:
Authorization: Bearer <jwt-or-api-key>
GraphQL — Include this header on POST /graphql. Queries and mutations marked with @auth require it.
POST /graphql
@auth
MCP — Required for POST /mcp (initialize, list tools, call tools).
POST /mcp
Ingestion — POST /ingestion/:id requires an API key (Bearer).
POST /ingestion/:id
Without a valid Bearer token, protected operations return 401.
Only these do not require authentication:
ratings(limit, start) — Content ratings (e.g. MPAA, TV).
ratings(limit, start)
genres(limit, start) — Content genres.
genres(limit, start)
All other GraphQL operations and MCP tool calls require Bearer auth.
Last updated 27 minutes ago
