0
0
Fork 0
mirror of https://codeberg.org/forgejo/docs.git synced 2024-11-24 18:09:26 -05:00
forgejo-docs/user/api-usage.md
Caesar Schinas 9af05bfb01
refactor: use astro content collections for docs
Reviewed-on: https://codeberg.org/forgejo/website/pulls/323

# Conflicts:
#	v1.19/admin/command-line.md
#	v1.19/admin/config-cheat-sheet.md
#	v1.19/admin/database-preparation.md
#	v1.19/admin/email-setup.md
#	v1.19/admin/incoming-email.md
#	v1.19/admin/index.md
#	v1.19/admin/logging-documentation.md
#	v1.19/admin/reverse-proxy.md
#	v1.19/admin/seek-assistance.md
#	v1.19/admin/upgrade.md
#	v1.19/developer/code-forgejo-org.md
#	v1.19/developer/index.md
#	v1.19/index.md
#	v1.19/license.md
#	v1.19/user/agit-support.md
#	v1.19/user/api-usage.md
#	v1.19/user/authentication.md
#	v1.19/user/email-settings.md
#	v1.19/user/first-repository.md
#	v1.19/user/index.md
#	v1.19/user/issue-pull-request-templates.md
#	v1.19/user/issue-tracking-basics.md
#	v1.19/user/labels.md
#	v1.19/user/linked-references.md
#	v1.19/user/merge-message-templates.md
#	v1.19/user/oauth2-provider.md
#	v1.19/user/packages/cargo.md
#	v1.19/user/packages/chef.md
#	v1.19/user/packages/composer.md
#	v1.19/user/packages/conan.md
#	v1.19/user/packages/conda.md
#	v1.19/user/packages/container.md
#	v1.19/user/packages/generic.md
#	v1.19/user/packages/helm.md
#	v1.19/user/packages/index.md
#	v1.19/user/packages/maven.md
#	v1.19/user/packages/npm.md
#	v1.19/user/packages/nuget.md
#	v1.19/user/packages/pub.md
#	v1.19/user/packages/pypi.md
#	v1.19/user/packages/rubygems.md
#	v1.19/user/packages/storage.md
#	v1.19/user/packages/vagrant.md
#	v1.19/user/project.md
#	v1.19/user/protection.md
#	v1.19/user/push-options.md
#	v1.19/user/push-to-create.md
#	v1.19/user/repo-permissions.md
#	v1.19/user/webhooks.md
#	v1.19/user/wiki.md
#	v1.20/user/semver.md
2023-08-13 17:07:06 +01:00

110 lines
4 KiB
Markdown

---
title: 'API Usage'
license: 'Apache-2.0'
origin_url: 'https://github.com/go-gitea/gitea/blob/faa28b5a44912f1c63afddab9396bae9e6fe061c/docs/content/doc/development/api-usage.en-us.md'
---
## Enabling/configuring API access
By default, `ENABLE_SWAGGER` is true, and `MAX_RESPONSE_ITEMS` is set to 50.
## Authentication
Forgejo supports these methods of API authentication:
- HTTP basic authentication
- `token=...` parameter in URL query string
- `access_token=...` parameter in URL query string
- `Authorization: token ...` header in HTTP headers
## Generating and listing API tokens
A new token can be generated with a `POST` request to
`/users/:name/tokens`.
Note that `/users/:name/tokens` is a special endpoint and requires you
to authenticate using `BasicAuth` and a password, as follows:
```sh
$ curl -H "Content-Type: application/json" -d '{"name":"test"}' -u username:password https://forgejo.your.host/api/v1/users/<username>/tokens
{"id":1,"name":"test","sha1":"9fcb1158165773dd010fca5f0cf7174316c3e37d","token_last_eight":"16c3e37d"}
```
The `sha1` (the token) is only returned once and is not stored in
plain-text. It will not be displayed when listing tokens with a `GET`
request; e.g.
```sh
$ curl --url https://yourusername:password@forgejo.your.host/api/v1/users/<username>/tokens
[{"name":"test","sha1":"","token_last_eight":"........"},{"name":"dev","sha1":"","token_last_eight":"........"}]
```
To use the API with basic authentication with two factor authentication
enabled, you'll need to send an additional header that contains the one-time password (6-digit rotating token).
An example of the header is `X-Forgejo-OTP: 123456` where `123456`
is where you'd place the code from your authenticator.
Here is how the request would look like in curl:
```sh
$ curl -H "X-Forgejo-OTP: 123456" --url https://yourusername:yourpassword@forgejo.your.host/api/v1/users/yourusername/tokens
```
You can also create an API key token via your Forgejo installation's web
interface: `Settings | Applications | Generate New Token`.
## OAuth2 Provider
Access tokens obtained from Forgejo's OAuth2 provider are accepted by these methods:
- `Authorization bearer ...` header in HTTP headers
- `token=...` parameter in URL query string
- `access_token=...` parameter in URL query string
### More on the `Authorization:` header
For historical reasons, Forgejo needs the word `token` included before
the API key token in an authorization header, like this:
```sh
Authorization: token 65eaa9c8ef52460d22a93307fe0aee76289dc675
```
In a `curl` command, for instance, this would look like:
```sh
curl "http://localhost:4000/api/v1/repos/test1/test1/issues" \
-H "accept: application/json" \
-H "Authorization: token 65eaa9c8ef52460d22a93307fe0aee76289dc675" \
-H "Content-Type: application/json" -d "{ \"body\": \"testing\", \"title\": \"test 20\"}" -i
```
As mentioned above, the token used is the same one you would use in
the `token=` string in a GET request.
## Pagination
The API supports pagination. The `page` and `limit` parameters are used to specify the page number and the number of items per page. As well, the `Link` header is returned with the next, previous, and last page links if there are more than one pages. The `x-total-count` is also returned to indicate the total number of items.
```sh
curl -v "http://localhost/api/v1/repos/search?limit=1"
...
< link: <http://localhost/api/v1/repos/search?limit=1&page=2>; rel="next",<http://localhost/api/v1/repos/search?limit=1&page=5252>; rel="last"
...
< x-total-count: 5252
```
## API Guide:
API Reference guide is auto-generated by swagger and available on:
`https://forgejo.your.host/api/swagger`.
The OpenAPI document is at:
`https://forgejo.your.host/swagger.v1.json`
## Sudo
The API allows admin users to sudo API requests as another user. Simply add either a `sudo=` parameter or `Sudo:` request header with the username of the user to sudo.
## SDKs
- See [the list at delightful Forgejo](https://codeberg.org/forgejo-contrib/delightful-forgejo)