Authentication
WarmHub HTTP endpoints authenticate requests with a Bearer token in the Authorization header:
curl -H "Authorization: Bearer <token>" \ https://api.warmhub.ai/api/repos/myorg/myrepo/headWarmHub accepts interactive session JWTs and personal access tokens (PATs), subject to the user’s organization and repository role.
Personal Access Tokens
Section titled “Personal Access Tokens”PAT management REST endpoints such as POST /api/pats, GET /api/pats, and DELETE /api/pats/:name are not currently mounted.
Create and manage PATs with the CLI (wh token) or the SDK (client.token.*) instead. Both paths require an interactive user session. See Personal Access Tokens for the full guide.
Scopes
Section titled “Scopes”PATs can carry resource-scoped permissions:
| Scope | Grants |
|---|---|
repo:read | Read repositories, queries, shapes |
repo:write | Commit writes |
repo:configure | Subscriptions, credentials, repo settings, action runs and notifications |
repo:admin | Delete, archive, visibility |
org:read | Read org profiles |
org:configure | Create repos, manage members and org settings, attribute writes to any installed component in the org |
org:admin | Rename, archive org |
Scopes are independent. Request the specific permissions your token needs. JWT tokens do not use PAT scope narrowing, but are still limited by the user’s role.
Hit a problem or have a question? Get in touch.