# API documentation
All users with the role admin have access to our open API, which lets you upload dependency files. This is also the API used by Debricked CLI.
Additionally, if your account has the API feature enabled you can also access our extended API for interacting with Debricked in more ways. It for example provides several endpoints for managing your products and releases, a list of vulnerabilities of a given component and more.
# Important links
Base URL for API: https://app.debricked.com/api
Current version URL: https://app.debricked.com/api/1.0
The API uses JWT-tokens (opens new window) for authentication.
# Getting your token
In order to get a JWT-token you need to provide your username and password to the
Using curl the call would look like this:
curl -X POST https://app.debricked.com/api/login_check -d _username=YOUR_USERNAME -d _password=YOUR_PASSWORD
If successful, the response will contain your token:
The token has a lifetime of about an hour. If the JWT-token is invalid, such as if the token has expired, a
401 status code will be returned. You should therefore implement a way of automatically getting a new token every time you receive a
401 status code from any API call.
The JWT-token has a lifetime of about an hour.
# Using your token
When you have your token you need to pass it to the Authorization HTTP header with the value Bearer YOUR_VERY_LONG_TOKEN on each API call.
# Need assistance?
Contact our technical support at email@example.com