Personal Access Tokens

These endpoints manage personal access tokens for the authenticated user.

Notes:

• The token string is returned only once, on creation. Save it securely.
• Tokens can be used as Bearer tokens, see the Authentication docs for details.

Create Personal Access Token

POST https://api.repoflow.io/1/users/personal-access-tokens

Create a new personal access token.

Authentication: Required

Body

namestringRequired

Token name (max length depends on server configuration).

expirationDatestringOptional

Optional expiration date in UTC ISO 8601 format (example 2025-01-08T10:08:48.261Z).

Request

Command Line

curl -sS -X POST "https://api.repoflow.io/1/users/personal-access-tokens" \
  -H "Authorization: Bearer <user-token>" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "ci-token",
    "expirationDate": "2025-01-08T10:08:48.261Z"
  }'

Response

{
  "id": "92bbfdcf-78e9-43ac-be77-0076c718b295",
  "personalAccessToken": "rf_pat_example"
}

Delete Personal Access Token

DELETE https://api.repoflow.io/1/users/personal-access-tokens/<personal-access-token-id>

Delete a personal access token owned by the authenticated user.

Responds with 404 if the token does not exist.

Authentication: Required

Path Parameters

personal-access-token-idstringRequired

Personal access token ID (UUID).

Request

Command Line

curl -sS -X DELETE "https://api.repoflow.io/1/users/personal-access-tokens/<personal-access-token-id>" \
  -H "Authorization: Bearer <user-token>" \
  -H "Accept: application/json"

Response

{
  "id": "92bbfdcf-78e9-43ac-be77-0076c718b295"
}