In order to use the API, you first need to make sure you can obtain access tokens. At this moment, Aikido's API only supports OAuth 2.0's Client Credentials grant for getting access tokens.
DISCLAIMER The Client Credentials flow is meant for server to server communication only. Do not share the client secret with users.
In order to obtain an access token, your Aikido workspace admin first must create client credentials via the integrations page in Aikido. This will result in a client ID and client secret which can be used to obtain an access token.
To obtain an access token you must make a
POST request to
https://app.aikido.dev/api/oauth/token which is detailed here in the reference.
For the Client Credentials flow, you must supply the Client ID and Client Secret you obtained in the integration page via a basic authorization header. The Basic authorization header requires you to supply a username (Client ID) and password (Client Secret) in a Base64 encoded string, separated with a colon.