An update to Doorkeeper's API
Tuesday, March 01, 2016
Doorkeeper provides an API that allows developers to create applications that use our data. So far, we've had a pretty humble API, only offering data about the events. We're planning on extending it though, and as a first step, we'll be adding authentication to Doorkeeper's existing API.
Migrating an existing application to the authenticated API
If you've already made an application that is consuming the API, we've tried to make things as simple as possible for you.
- Register a developer application from your Doorkeeper account.
- Ensure your application is using SSL to access the API (i.e., accessing
- After creating an application, you'll be shown a "Public API Access Token". When making API requests, add an
Authorizationheader with the value of
Bearer your_token. See the API documentation for a more detailed example.
That's all there is to migrating your application.
With authentication, we're also introducing rate limiting. Initially, we will be limiting authenticated requests at a rate of 300 requests per five minute and unauthenticated requests at 100 requests per five minutes. Unauthenticated requests are associated with your IP address. We'll be progressively decreasing the limit on authenticated requests per the following schedule:
- March 31st, 2016 - 20 requests per five minutes
- April 30th, 2016 - 5 requests per five minutes
Deprecation of unauthenticated API
We eventually plan to deprecate the unauthenticated API entirely. We have not set a date yet, but it will be no earlier than May 31st, 2016. If you have an application that is using the Doorkeeper API and are unable to migrate it to the authenticated API by then, please let us know.
Future API endpoints
Is there an application you have been hankering to build that integrates with Doorkeeper, but haven't had access to the right API? Please get in touch with us and let us know what you want to build. Your ideas will help us shape the future of Doorkeeper's API.