Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Unable to access github API getting bad credentials error

Tags:

github

github-api

github-api-v3

I am trying to add a custom code check for a PR. After doing some research I found out that it can be done using the API mentioned below.

POST /repos/{owner}/{repo}/check-runs

Initially, it was giving me this error:

{
    "message": "You must authenticate via a GitHub App.",
    "documentation_url": "https://docs.github.com/rest/reference/checks#create-a-check-run"
}

I followed the guideline provided in this link.

  1. I created a GitHub app.
  2. Gave it required permission.
  3. Generated a private key.
  4. Generated a JWT token using the private key.
  5. Installed the Github app in the repo too

I created a curl request:

curl --location --request POST 'https://api.github.com/repos/X/X-app/check-runs' \
--header 'Accept: application/vnd.github.v3+json' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.X.X-X-SAFvDnSkaJDjMI2T_BAC2iLlRZ7uNyFSe-X-UgFBFjoFrwsbcYFKfDM8f3FNPYpA6afhr18DLZ6rzu35klA' \
--header 'Content-Type: application/json' \
--data-raw '{
    "name": "loremipsum"
}'

But, now I am getting this error

{
    "message": "Bad credentials",
    "documentation_url": "https://docs.github.com/rest"
}

I am not sure what I am missing here.

like image 933
Irtiza Avatar asked Feb 04 '26 12:02

Irtiza

1 Answers

I figured this out. The GitHub documentation is a bit unclear/misleading.

You don't pass the app's JWT bearer token directly to the "Create a check run" API; instead, you use that bearer token to get an access token for a specific installation, and then you pass that token to the "Create a check run" API.

To get that access token, you need the installation-ID; if you don't already have it, you can use the app's JWT bearer token to list your installations:

curl -i \
  -H "Authorization: Bearer YOUR_JWT" \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app/installations

Once you know the installation-ID, you can use the app's JWT bearer token to get an access token for the installation:

curl -i -X POST \
  -H "Authorization: Bearer YOUR_JWT" \
  -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/app/installations/THE_INSTALLATION_ID/access_tokens

You can then use that access token to call GitHub APIs on that repo:

curl -i \
  -H "Authorization: token YOUR_INSTALLATION_ACCESS_TOKEN" \
  ...

(Note that for this one you write token instead of Bearer.)

like image 95
KKS Avatar answered Feb 09 '26 02:02

KKS
Sign in to Comment

Related questions

Verify that a GitHub OAuth token belongs to a specific ClientID
Update version number with versioneer and GitHub
How to power down GitHub Codespaces?
How to embed a scribd viewer into GitHub markdown?
What is the permission scope of id-token in GitHub Action?
How to detect whether a Git server supports shallow cloning?
Does GitHub Enterprise support shallow cloning?
tracking version numbers of subfolders in git
How to mirror a GitLab repository to GitHub using SSH keys?
Git 'pack-objects died of signal 13' when pushing to origin
How to keep dist/ folder only in master branch with Git
CustomerError: Can't find required-server-files.json in build output directory
How can a GitHub owner run and external PR through GitHub Actions?
Restore All Deleted Files to the Current Working Directory from Git
Issues with lerna independent versioning + Github Actions
Git Revert command refuses to revert merge

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!