In this section, we’ll look at passing Authorization and Authentication information in our requests, by accessing the GitHub REST API.
Let’s try making a GET
request to the URL https://api.github.com/user
.
You’ll get the following response:
{
"message": "Requires authentication",
"documentation_url": "https://docs.github.com/rest/reference/users#get-the-authenticated-user"
}
This is because you are not authorized to access the API and to gain access you would need to authenticate yourself. We use tokens to authenticate a user and to do so we first need to generate an access token from GitHub.
Generating access token
To get access to the GitHub API, you first need to generate a personal access token. For our demonstration, we will generate one granting access to public repositories.
- Login to the GitHub account.
- Goto your personal access tokens page and click on “Generate new token”.
- Select tokens (classic).
- Specify the note as “Hoppscotch API” so that you can remember why you created it.
- Under the “Select scopes” section only check
public_repo
.
- Scroll down and click on “Generate token”.
- You just generated your access token, now copy the token to your clipboard.
Storing auth token in a variable
It is a recommended safe practice to have your auth details in environment variables rather than inputting them directly to the authorization tab.
- Click on the “Global” environment to add a variable.
- Create a variable called
token
and paste the token from GitHub as its value.
- Now open the Authorization tab and select
Bearer
from the dropdown list.
- Input the token as shown below, make sure that you reference the token in variable format, i.e.
<<token>>
.
- Click on “Send”.
You should now see the response including details about your GitHub account.
Responses are generated using AI and may contain mistakes.