Authentication

Jason Lee Jason Lee

The API uses bearer token authentication. Tokens are scoped to your workspace and grant access to all sites within it.

Creating a token

  1. Log in to your dashboard
  2. Go to Settings > API tokens
  3. Click “Create new token”
  4. Give it a descriptive name (e.g. “GitHub Actions”, “iPhone shortcut”)
  5. Copy the token immediately; it will not be shown again

You can have up to 3 active tokens. Revoke an existing token to create a new one if you have reached the limit.

Using a token

Include the token in the Authorization header of every request:

curl -X GET https://sitepaste.com/api/v1/public/pages \
  -H "Authorization: Bearer sp_your_token_here"

Storing tokens safely

Store your token in an environment variable rather than hardcoding it:

# In your shell profile or .env file (add .env to .gitignore)
export SITEPASTE_API_TOKEN="sp_your_token_here"

curl -X POST https://sitepaste.com/api/v1/public/pages \
  -H "Authorization: Bearer $SITEPASTE_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"pages": [{"title": "My post", "content": "Hello"}]}'

In GitHub Actions, use a repository secret:

env:
  SITEPASTE_TOKEN: ${{ secrets.SITEPASTE_TOKEN }}

Managing tokens

From Settings > API tokens you can:

  • View all active tokens with their last-used timestamps
  • Rename a token
  • Revoke a token permanently

Error responses

Missing or invalid token

401 Unauthorized

{
  "error": "invalid or revoked token"
}

Pro plan required

403 Forbidden

{
  "error": "API tokens require Pro plan"
}

Token limit reached

400 Bad request

{
  "error": "maximum 3 active tokens allowed, please revoke an existing token first"
}