Skip to main content

Authentication

This page explains how to authenticate when calling the RepoFlow API, so you can access protected endpoints.

RepoFlow supports:

  • Personal Access Tokens (recommended for CI and automation)
  • Basic Authentication with your normal username and password

Using Personal Access Tokens

Personal Access Tokens can be created in Account Settings and used in two ways:

1. Bearer token

You can use the token as a bearer token in the Authorization header of your requests.

Header:

HTTP Header
Authorization: Bearer <personal-access-token>

Example request:

Command Line
curl -H "Authorization: Bearer <personal-access-token>" https://api.repoflow.io/endpoint

2. Basic authentication (token as password)

You can use the token as the password in Basic Authentication. When doing so, the username must be set to "token".

Header:

HTTP Header
Authorization: Basic <base64("token:<personal-access-token>")>

Example request:

Command Line
curl -u "token:<personal-access-token>" https://api.repoflow.io/endpoint

Basic Authentication with username and password

You can authenticate using your normal RepoFlow username and password via Basic Authentication.

Header:

HTTP Header
Authorization: Basic <base64("<username>:<password>")>

Example request:

Command Line
curl -u "<username>:<password>" https://api.repoflow.io/endpoint