# API documentation

# Introduction

Debricked is an API first service, allowing for all actions inside the UI to be scripted. This allows you to integrate our service in your code, CI pipelines, and more.

All users with the admin (or API) role have access to our open API. This is also the API used by Debricked CLI.

# Authenticate

The API uses JWT-tokens (opens new window) for authentication.

# Getting your JWT-token

# Using your username and password

In order to get a JWT-token you need to provide your username and password to the https://debricked.com/api/login_check page.

Using curl, the call would look like this:

curl https://debricked.com/api/login_check -d _username=YOUR_USERNAME -d _password=YOUR_PASSWORD

If successful, the response will contain your token:


# Using a long-lived access token

If you have added an access token, you can use it to get a short-lived JWT token by sending the access token to the https://debricked.com/api/login_refresh endpoint.

Using curl the call would look like this:

curl https://debricked.com/api/login_refresh -d refresh_token=YOUR_ACCESS_TOKEN


The long lived access token, and the short-lived JWT-token are different tokens! You must always exchange your access token for a JWT-token to use the API.

# Using your token

The JWT-token has a lifetime of about an hour. If the JWT-token is invalid, such as if the token has expired, a 401 status code will be returned. You should therefore implement a way of automatically getting a new token every time you receive a 401 status code from any API call.


The JWT-token has a lifetime of about an hour.

When you have your token you need to pass it to the Authorization HTTP header with the value Bearer YOUR_VERY_LONG_TOKEN on each API call.

For example, using curl:

curl -H 'Authorization: Bearer YOUR_VERY_LONG_TOKEN' https://debricked.com/api/the_api_endpoint

# Rate limits

The following rate limits apply:

No account: 100 requests per hour (only applies for the Open Source Select API)

Free account: 500 requests per hour per code contributor

Premium account: 5000 requests per hour per code contributor

If you require a higher rate limit, please contact our sales team (opens new window).