Authenticate as an app

About authenticating as an ICR app

You must authenticate as an ICR App in order to make REST API requests as the application. For example, if you want to use the API to generate an installation access token for accessing organization resources, list installations across organizations for your app, or create new user / organization pairs with your app auto installed on the organization, you must authenticate as an app.

If a REST API endpoint requires you to authenticate as an app, the documentation for that endpoint will indicate that you must use a JWT to access the endpoint.

Using a JSON web token (JWT) to authenticate as an ICR app

1. Generate a JSON Web Token (JWT) for your app. For more information, see "Generating a JSON Web Token (JWT) for an ICR App."

2. Include the JWT in the Authorization header of your request. In the following example, replace YOUR_JWT with your JWT.

curl --request GET \
--url "https://api.carbonregistry.com/app/installations" \
--header "Authorization: Bearer YOUR_JWT"

await axios.get(
`https://api.carbonregistry/app/installations`,
{
  headers: {
    Authorization: `Bearer ${YOUR_JWT}`,
    },
  },
)