Documentation Index

Fetch the complete documentation index at: https://docs.kynasmith.dev/llms.txt

Use this file to discover all available pages before exploring further.

​

Authentication issues

Use this page when Kynasmith rejects your HTTP request before any MoveSpec or detection logic runs.

​

Common symptoms

• 401 responses such as access_token_missing or access_token_invalid
• 403 responses caused by scope or project mismatch
• Browser SDK calls that work on your backend but fail in the browser

​

What to check

• Mint the bearer token from POST /api/auth/access-tokens or let the Python SDK handle it automatically with your API key.
• Make sure the token was minted for the same project you use in MoveSpec and detection calls.
• Confirm the token scopes cover the operation you are attempting. See the scopes reference.
• In the browser, return a short-lived bearer token from your own backend tokenProvider. Do not embed long-lived API keys or service-account secrets in browser code.

​

Browser-specific failures

If the Web SDK fails in the browser:

• Confirm your tokenProvider actually returns a string bearer token.
• Make sure your backend token endpoint is reachable from the browser origin.
• Verify the token has not expired before session creation starts.
• Remember that the Web SDK can call tokenProvider more than once during a long-lived browser session, so your backend endpoint must support repeat token requests.
• Check that CORS is configured correctly if your frontend and backend are on different origins.

​

Related pages

• Authentication
• Error codes
• API reference
• Realtime protocol