In general all API requests require a Bearer Authentication token which is send as a header in every request. The authentication API endpoint handles the creation and refreshing this token.

To talk to the API, a new device (this can be a tablet or a desktop or mobile client) has to be registered through an 8 letter code. This generates a new Bearer Authentication token.

Send the POST request with an empty 'Authorization: Bearer' header.

POST https://webapp.cloud.remarkable.com/token/json/2/device/new

Payload:

{
    "code": "gliuqtne",
    "deviceDesc": "desktop-windows",
    "deviceID": "701c3752-1025-4770-af43-5ddcfa4dabb2"
}

• code is the code generated at https://my.remarkable.com/#desktop
• deviceDesc describes the type of the device can be one of desktop-windows, desktop-macos, mobile-ios, mobile-android, browser-chrome, remarkable FIXME what else?
• deviceID a UUID-4, simply generate a new one to identify your client

The response is the new token in plain text.

Bearer Tokens should be refreshed before using. I haven't seen them expiring so far, but that might happen in the future.

Simply send a POST request with the current token as 'Authorization: Bearer ' header.

POST https://my.remarkable.com/token/json/2/user/new

The response is the new token in plain text.

FIXME Update when this is implemented by reMarkable. It's currently not possible to remove a device.