Authentication

Authenticating with the GitBoosted API should feel like a familiar pattern to most developers. First head to the Developers section in the app and select API Keys.

Generating a new Key

To access the API we need to generate a new client Id (Access Key) and client secret (Secret Key).

Restrictions and Scopes

warning

We recommend all keys are scoped. Creating global keys allows the key to access all elements of the API where as scoped keys provide restrictions to the specified resource.

Keys can be scoped to specific resources. Scoping keys to resources allows you to control exact usage for keys.

Client secrets are only available one time. Please ensure to look after your secrets. Store using a secrets manager such as your cloud providers Secret Manager or Infisical.

danger

Never store secrets in your repository.

Using your new Token

Now we've generated a token, we can use the token against API requests.

First we need supply both the client Id and the client secret.

Create a string concatenated with ":" in between (JavaScript example):

const authToken = clientId + ":" + clientSecret;

Next, pass the string as the Authorization header on any subsequent API request (JavaScript axios example):

axios
  .get("http://api.gitboosted.com/surprise", {
    Authorization: authToken,
  })
  .then((res) => console.log("We did it!", res.data));

Generating a new Key​

Restrictions and Scopes​

Using your new Token​

Generating a new Key

Restrictions and Scopes

Using your new Token