Feature Request: Personal access tokens or API keys

[mickmister]

Describe the behaviour you'd like

I'd like to integrate with Gitpod, and be able to browse/create workspaces. It looks like this is currently being done through the browser by using websocket-driven JSON RPC. An external application could use this same protocol with a user's token, and deliver the user a UX that optimizes the use of the two applications.

Describe alternatives you've considered

I have looked into using Gitpod's OAuth system, but it seems to not be designed for this specific use case, since it's looking for an OAuth service provider rather than a client. I could be wrong about my assumptions there.

I'm thinking adding personal access tokens would be lower hanging fruit than modifying/augmenting the OAuth functionality to support this use case. Developers are familiar with the concept of personal access tokens, and since this platform is for developers I think it makes sense. I'd be happy to look into the necessary change if the feature seems like a good idea 🙂

[gtsiolis]

Thanks, @mickmister! We did have an access tokens page that we removed during the dashboard redesign, see #3399. We're also working on a public API. Cc @csweichel because of the relevant RFC document about the API (internal).

[csweichel]

As @gtsiolis said, at the moment we don't have a sensible use-case for such tokens, because we don't offer a public API. There's an outward facing API (the one used by e.g. the dashboard), but that's neither documented nor necessarily backwards compatible. There's a very good chance applications using that API would break without warning.

Once we have a more stable API that is intended for "public consumption", offering personal API tokens makes a lot of sense.

[mickmister]

@gtsiolis @csweichel Thanks for all the detailed information!

The timing with the public API makes a lot of sense 👍

Now I'm wondering, are OAuth tokens also in the plans for the public API usage? That would definitely be ideal for my use case. Thanks for this awesome software!

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.