Authentication
WarmHub HTTP endpoints authenticate requests with a Bearer token in the Authorization header:
curl -H "Authorization: Bearer <token>" \ https://api.warmhub.ai/api/repos/myorg/myrepo/headWarmHub accepts interactive session JWTs and personal access tokens (PATs), subject to the user’s organization and repository role.
Personal Access Tokens
Section titled “Personal Access Tokens”PAT management REST endpoints such as POST /api/pats, GET /api/pats, and DELETE /api/pats/:name are not currently mounted.
Create and manage PATs with the CLI (wh token) or the SDK (client.token.*) instead. Both paths accept an interactive user session — which manages all your tokens — or a PAT, which manages only the tokens it created (and tokens those created in turn). See Personal Access Tokens for the full guide.
Scopes
Section titled “Scopes”PATs can carry resource-scoped permissions: repo:read, repo:write, repo:configure, repo:admin, org:read, org:configure, and org:admin. Scopes are independent — request the specific permissions your token needs. For what each scope grants, which role includes it, and the minimum scope per task, see the access reference. JWT tokens do not use PAT scope narrowing, but are still limited by the user’s role.
Hit a problem or have a question? Get in touch.