Authentication
How to authenticate with the BuildButler API using API tokens and OAuth.
All BuildButler API requests require authentication. The API supports two authentication methods: API tokens and OAuth 2.0.
API tokens
API tokens are the simplest way to authenticate. Generate one from Settings → API → Create Token.
Include the token in the Authorization header:
Token scopes
| Scope | Description |
|---|---|
read:jobs | List and read job details |
read:builds | List and read build details and logs |
read:analytics | Access analytics and export data |
write:connections | Create and update Jenkins connections |
write:alerts | Create and update alert rules |
admin | Full access (includes all scopes) |
When creating a token, select only the scopes you need. Tokens with fewer permissions are safer to distribute.
Token format
Tokens are prefixed for easy identification:
bb_live_— production tokenbb_test_— test/staging token
OAuth 2.0
For applications that act on behalf of a user, use the OAuth 2.0 authorization code flow.
1. Register your application
Go to Settings → API → OAuth Apps → New App and provide:
- App name — displayed on the consent screen
- Redirect URI — where to send the user after authorization
You'll receive a Client ID and Client Secret.
2. Authorization request
Redirect the user to:
3. Exchange the code for a token
Response:
4. Refresh the token
Rate limits
| Tier | Requests per minute |
|---|---|
| Free | 60 |
| Pro | 300 |
| Enterprise | 1000 |
Rate limit headers are included in every response: