# API documentation
Debricked is an API first service, allowing for all actions inside the UI to be scripted. This allows you to integrate our service in your code, CI pipelines, and more.
All users with the admin (or API) role have access to our open API. This is also the API used by Debricked CLI.
# Important links
- Base URL for API: https://debricked.com/api
- Current version URL: https://debricked.com/api/1.0
- Open API reference/Sandbox (opens new window)
- Open API reference/Sandbox, JSON format (opens new window)
- Extended API reference/Sandbox, requires enterprise tier (opens new window)
The API uses JWT-tokens (opens new window) for authentication.
# Getting your JWT-token
# Using your username and password
In order to get a JWT-token you need to provide your username and password to the
Using curl, the call would look like this:
curl https://debricked.com/api/login_check -d _username=YOUR_USERNAME -d _password=YOUR_PASSWORD
If successful, the response will contain your token:
# Using a long-lived access token
If you have added an access token, you can use it to get a short-lived JWT token by sending the access token to the
Using curl the call would look like this:
curl https://debricked.com/api/login_refresh -d refresh_token=YOUR_ACCESS_TOKEN
The long lived access token, and the short-lived JWT-token are different tokens! You must always exchange your access token for a JWT-token to use the API.
# Using your token
The JWT-token has a lifetime of about an hour. If the JWT-token is invalid, such as if the token has expired, a
401 status code will be returned. You should therefore implement a way of automatically getting a new token every time you receive a
401 status code from any API call.
The JWT-token has a lifetime of about an hour.
When you have your token you need to pass it to the Authorization HTTP header with the value Bearer YOUR_VERY_LONG_TOKEN on each API call.
For example, using curl:
curl -H 'Authorization: Bearer YOUR_VERY_LONG_TOKEN' https://debricked.com/api/the_api_endpoint
# Rate limits
The following rate limits apply:
100 requests per hour (only applies for the Open Source Select API)
500 requests per hour per code contributor
5000 requests per hour per code contributor
If you require a higher rate limit, please contact our sales team (opens new window).