You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
107 lines
3.5 KiB
107 lines
3.5 KiB
7 years ago
|
---
|
||
|
date: "2018-06-24:00:00+02:00"
|
||
|
title: "API Usage"
|
||
|
slug: "api-usage"
|
||
|
weight: 40
|
||
|
toc: true
|
||
|
draft: false
|
||
|
menu:
|
||
|
sidebar:
|
||
4 years ago
|
parent: "developers"
|
||
7 years ago
|
name: "API Usage"
|
||
|
weight: 40
|
||
|
identifier: "api-usage"
|
||
|
---
|
||
|
|
||
|
# Gitea API Usage
|
||
|
|
||
|
## Enabling/configuring API access
|
||
|
|
||
6 years ago
|
By default, `ENABLE_SWAGGER` is true, and
|
||
7 years ago
|
`MAX_RESPONSE_ITEMS` is set to 50. See [Config Cheat
|
||
|
Sheet](https://docs.gitea.io/en-us/config-cheat-sheet/) for more
|
||
|
information.
|
||
|
|
||
|
## Authentication via the API
|
||
|
|
||
|
Gitea supports these methods of API authentication:
|
||
|
|
||
|
- HTTP basic authentication
|
||
|
- `token=...` parameter in URL query string
|
||
|
- `access_token=...` parameter in URL query string
|
||
|
- `Authorization: token ...` header in HTTP headers
|
||
|
|
||
6 years ago
|
All of these methods accept the same API key token type. You can
|
||
7 years ago
|
better understand this by looking at the code -- as of this writing,
|
||
|
Gitea parses queries and headers to find the token in
|
||
|
[modules/auth/auth.go](https://github.com/go-gitea/gitea/blob/6efdcaed86565c91a3dc77631372a9cc45a58e89/modules/auth/auth.go#L47).
|
||
|
|
||
6 years ago
|
You can create an API key token via your Gitea installation's web interface:
|
||
7 years ago
|
`Settings | Applications | Generate New Token`.
|
||
|
|
||
6 years ago
|
### OAuth2
|
||
|
|
||
|
Access tokens obtained from Gitea's [OAuth2 provider](https://docs.gitea.io/en-us/oauth2-provider) are accepted by these methods:
|
||
|
|
||
|
- `Authorization bearer ...` header in HTTP headers
|
||
|
- `token=...` parameter in URL query string
|
||
|
- `access_token=...` parameter in URL query string
|
||
|
|
||
7 years ago
|
### More on the `Authorization:` header
|
||
|
|
||
|
For historical reasons, Gitea needs the word `token` included before
|
||
6 years ago
|
the API key token in an authorization header, like this:
|
||
7 years ago
|
|
||
|
```
|
||
|
Authorization: token 65eaa9c8ef52460d22a93307fe0aee76289dc675
|
||
|
```
|
||
|
|
||
|
In a `curl` command, for instance, this would look like:
|
||
|
|
||
|
```
|
||
|
curl -X POST "http://localhost:4000/api/v1/repos/test1/test1/issues" \
|
||
|
-H "accept: application/json" \
|
||
|
-H "Authorization: token 65eaa9c8ef52460d22a93307fe0aee76289dc675" \
|
||
|
-H "Content-Type: application/json" -d "{ \"body\": \"testing\", \"title\": \"test 20\"}" -i
|
||
|
```
|
||
|
|
||
|
As mentioned above, the token used is the same one you would use in
|
||
|
the `token=` string in a GET request.
|
||
|
|
||
5 years ago
|
## API Guide:
|
||
|
|
||
4 years ago
|
API Reference guide is auto-generated by swagger and available on:
|
||
5 years ago
|
`https://gitea.your.host/api/swagger`
|
||
4 years ago
|
or on
|
||
5 years ago
|
[gitea demo instance](https://try.gitea.io/api/swagger)
|
||
|
|
||
|
|
||
7 years ago
|
## Listing your issued tokens via the API
|
||
|
|
||
|
As mentioned in
|
||
|
[#3842](https://github.com/go-gitea/gitea/issues/3842#issuecomment-397743346),
|
||
|
`/users/:name/tokens` is special and requires you to authenticate
|
||
|
using BasicAuth, as follows:
|
||
|
|
||
|
### Using basic authentication:
|
||
|
|
||
|
```
|
||
|
$ curl --request GET --url https://yourusername:yourpassword@gitea.your.host/api/v1/users/yourusername/tokens
|
||
|
[{"name":"test","sha1":"..."},{"name":"dev","sha1":"..."}]
|
||
|
```
|
||
6 years ago
|
|
||
6 years ago
|
As of v1.8.0 of Gitea, if using basic authentication with the API and your user has two factor authentication enabled, you'll need to send an additional header that contains the one time password (6 digit rotating token). An example of the header is `X-Gitea-OTP: 123456` where `123456` is where you'd place the code from your authenticator. Here is how the request would look like in curl:
|
||
|
|
||
|
```
|
||
|
$ curl -H "X-Gitea-OTP: 123456" --request GET --url https://yourusername:yourpassword@gitea.your.host/api/v1/users/yourusername/tokens
|
||
|
```
|
||
|
|
||
6 years ago
|
## Sudo
|
||
|
|
||
|
The API allows admin users to sudo API requests as another user. Simply add either a `sudo=` parameter or `Sudo:` request header with the username of the user to sudo.
|
||
4 years ago
|
|
||
|
## SDKs
|
||
|
|
||
|
* [Official go-sdk](https://gitea.com/gitea/go-sdk)
|
||
|
* [more](https://gitea.com/gitea/awesome-gitea#user-content-sdk)
|