API Keys

API keys allow external applications to interact with your Repo File Sync organization programmatically. Use them to trigger sync tasks, query status, or integrate with your existing tooling.

Creating an API Key

1. Navigate to Settings → Developers → API Keys in your organization dashboard
2. Click "Create API Key"
3. Give the key a descriptive name (e.g., "CI/CD Pipeline", "Monitoring Script")
4. Copy the key immediately — it will only be shown once

Authentication

Include your API key in the Authorization header of every request:

curl -H "Authorization: Bearer rfs_your_api_key_here" \
  https://app.repofilesync.com/api/v1/sync-tasks

Managing Keys

From the API Keys settings page you can:

• View all active keys with their names and creation dates
• Revoke a key if it's no longer needed or has been compromised
• Create new keys for different applications or environments

Best Practices

• Never commit keys to source control — use environment variables or a secrets manager
• Use descriptive names so you can identify which application uses each key
• Rotate keys periodically — revoke old keys and create new ones on a regular schedule
• One key per application — if one application is compromised, you can revoke its key without affecting others
• Revoke unused keys — delete keys for decommissioned applications promptly

Troubleshooting

• 401 Unauthorized: Verify the key is correct and hasn't been revoked
• 403 Forbidden: The key may not have sufficient permissions for the requested action
• Key lost: API keys can't be retrieved after creation. Revoke the old key and create a new one

For additional help, contact us.