Authentication

You can authenticate to Botpress’s API (api.botpress.cloud) as a user, a bot, or an integration. To do so, you’ll need to use a token.

​

Types of Tokens

​

1. Personal Access Token (PAT)

A Personal Access Token (PAT) can be generated in the Profile Settings section of your Botpress account. Once generated, you can use this token as a Bearer token to authenticate API requests.

​

2. Bot Access Key

A Bot Access Key (BAK) is provided to the bot once it is deployed. This token limit the API access to only the actions that the bot can perform. Only the runtime API, tables API, and files API are available with this token.

​

3. Integration Access Key

An Integration Access Key (IAK) is provided to the bot once it is deployed. This token limit the API access to only the actions that the integration can perform. Only the runtime API and files API are available with this token.

​

Authentication Methods

Once you have your token, you can authenticate your requests to Botpress’s API (api.botpress.cloud) using one of the following methods:

​

1. Authentication with the API

To authenticate using the API, pass the Authorization header with the appropriate token. Here’s an example of the request format:

GET /api/endpoint
Authorization: Bearer {TOKEN}

This header should be included in all requests to the Botpress Cloud API, where {TOKEN} is replaced with the actual token you obtained (PAT, Bot Access Key, or Integration Access Key).

​

2. Authentication with the Client

You can also authenticate using the client by providing the token when creating a new Client instance:

const token = 'your-token'
const client = new Client({ token })

In this example, the token you is either a Personal Access Token, Bot Access Key, or Integration Access Key. This will create a Client instance that is authenticated and can be used to interact with the API.