Sign in with GitHub, Google, or ORCID. Enterprise teams can use SAML SSO. Programmatic access is available via API keys or the PRISM CLI device flow.
MARC27 supports three OAuth providers. Click one on the login page and you're in — an account is created automatically on first sign-in.
GitHub
Best for developers and open-source teams
Google Workspace compatible for org-level SSO
ORCID
Links your researcher identity for attribution
Organizations can connect their identity provider for single sign-on. Members authenticate through your existing IdP and are automatically added to the right org.
Generate API keys for programmatic access. Keys use the m27_ prefix, are scoped to a project, and the full key is shown exactly once at creation.
POST /api/v1/api-keys
Authorization: Bearer <token>
{
"name": "ci-pipeline",
"project_id": "proj_..."
}
# Response — save this, it won't be shown again
{
"prefix": "m27_ab12",
"key": "m27_ab12cd34ef56..."
}# Use it in any API call
curl -H "Authorization: Bearer m27_ab12cd34ef56..." \
https://platform.marc27.com/api/v1/resourcesThe PRISM CLI authenticates using a device flow — ideal for SSH sessions and headless environments.
$ prism auth login
→ Open this URL in your browser:
https://platform.marc27.com/auth/device
→ Enter code: ABCD-1234
Waiting for authorization...
✓ Authenticated as you@example.com
✓ Token saved to ~/.prism/credentialsThe Python SDK handles authentication automatically. Pass your API key or let it pick up credentials from the CLI.
import marc27
# Option 1: API key
client = marc27.Client(api_key="m27_...")
# Option 2: Use PRISM CLI credentials (auto-detected)
client = marc27.Client()Access tokens are short-lived (1 hour) and automatically refreshed by the SDK and CLI. Refresh tokens rotate on each use for security — if you suspect a token is compromised, revoke the entire session from your dashboard.