api = GhApi(owner='owner', repo='repo', jwt_token='<YOUR-TOKEN>')
pulls = api.pulls.list()
The personal access token has scopes for repo, workflow, gist and notifications.
Cause
It seems the API call to GitHub expects a different header. The example on GhApi sets Authorization: token <YOUR-TOKEN> but the example on GitHub specifies Authorization: Bearer <YOUR-TOKEN>. On https://docs.github.com/en/rest/overview/other-authentication-methods this is expanded upon with the note:
Note: In most cases, you can use Authorization: Bearer or Authorization: token to pass a token. However, if you are passing a JSON web token (JWT), you must use Authorization: Bearer.
Reading the docs I assume the header Authorization: token <TOKEN> is fine, but the above experimentation indicates otherwise.
Conclusion
I have no clue why 'my' token is regarded as a JWT token here, and in the example of GhApi not. For me it works, but I couldn't find a reason. Perhaps it helps someone searching for this, but I'm also interested to known if it is a setting or ...
The simple example results in a 404 error:
but with curl it works (from GitHub docs):
The following works:
The personal access token has scopes for repo, workflow, gist and notifications.
Cause
It seems the API call to GitHub expects a different header. The example on GhApi sets
Authorization: token <YOUR-TOKEN>
but the example on GitHub specifiesAuthorization: Bearer <YOUR-TOKEN>
. On https://docs.github.com/en/rest/overview/other-authentication-methods this is expanded upon with the note:Reading the docs I assume the header
Authorization: token <TOKEN>
is fine, but the above experimentation indicates otherwise.Conclusion
I have no clue why 'my' token is regarded as a JWT token here, and in the example of GhApi not. For me it works, but I couldn't find a reason. Perhaps it helps someone searching for this, but I'm also interested to known if it is a setting or ...