Authentication

All API requests require authentication using a Bearer token.

Obtaining a Token

After signing in to your deprec8 account, you can obtain an access token from the Settings page under API Access.

Using the Token

Include the token in the Authorization header of every request:

curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  https://api.deprec8.io/v1/deprecations

Token Expiry

Access tokens expire after 24 hours. When a token expires, you'll receive a 401 Unauthorized response. Obtain a new token by signing in again or using the refresh token flow.

Refresh Tokens

For long-lived integrations, use the refresh token to obtain new access tokens without re-authenticating:

curl -X POST https://api.deprec8.io/v1/auth/refresh \
  -H "Content-Type: application/json" \
  -d '{"refresh_token": "YOUR_REFRESH_TOKEN"}'

Security Best Practices

Never expose tokens in client-side code or public repositories
Store tokens securely using environment variables or a secrets manager
Rotate tokens regularly
Use the minimum required scope for each integration

Last updated: 2026-02-12

← PreviousAPI Next →Rate Limits