Reference
Authentication
OAuth2 client credentials, tenant-scoped bearer tokens.
codingassist.bot uses OAuth2 client credentials. Generate a client id and secret per integration; mint tokens server-side; pass them as a Bearer.
Mint a token
curl -X POST https://api.codingassist.bot/oauth/token \
-d "grant_type=client_credentials" \
-d "client_id=$CLIENT_ID" \
-d "client_secret=$CLIENT_SECRET" \
-d "scope=reviews:write findings:read"Response:
{
"access_token": "eyJhbGciOi...",
"token_type": "Bearer",
"expires_in": 3600,
"scope": "reviews:write findings:read"
}Use the token
curl https://api.codingassist.bot/v1/reviews/rev_01HXYZ \
-H "Authorization: Bearer eyJhbGciOi..."Scopes
| Scope | Allows |
|---|---|
reviews:read | List + read reviews |
reviews:write | Create reviews |
findings:read | Read findings + traces |
webhooks:write | Subscribe to events |
admin | Tenant settings |
Errors
401— token missing or expired403— token valid but missing scope- See E_TOK_002 for decryption errors
Was this page helpful?