API Tokens

Overview

API tokens allow programmatic access to Jasper's features. Use them for CI/CD integrations, custom scripts, or third-party tools.

Creating Tokens

Generate a New Token

1. Go to Settings → API Tokens
2. Click Create Token
3. Enter a descriptive name (e.g., "CI/CD Pipeline")
4. Add an optional description
5. Select the scopes (permissions) for this token
6. Optionally set an expiration date
7. Click Create

Token Scopes

Scopes control what the token can access:

Scope	Description
organization:read	View organization details
organization:write	Update organization settings
repositories:read	View repositories
repositories:write	Manage repository settings
reviews:read	View code reviews
reviews:write	Trigger and manage reviews
billing:read	View credit balance
billing:write	Purchase credits
team:read	View team members
team:write	Manage team members
webhooks:read	View webhook subscriptions
webhooks:write	Manage webhooks
audit:read	View audit logs
wiki:read	View wiki content
wiki:write	Edit wiki content

Default Scopes

New tokens include these scopes by default:

• organization:read
• repositories:read
• reviews:read
• billing:read
• wiki:read
• wiki:write

Managing Tokens

View Tokens

See all tokens for your organization at Settings → API Tokens:

• Token name and description
• Scopes granted
• Last used timestamp
• Expiration date (if set)
• Active/inactive status

Deactivate a Token

1. Find the token in the list
2. Click the toggle to deactivate
3. Token is immediately invalidated
4. Can be reactivated later

Delete a Token

1. Find the token in the list
2. Click Delete
3. Confirm the deletion

API Playground

Test API endpoints interactively without external tools.

Accessing the Playground

1. Go to Settings → API Tokens
2. Click API Playground

Using the Playground

1. Select an endpoint from the left panel (organized by category)
2. Choose your API token from the dropdown
3. Review the endpoint, method, and required scope
4. Add a request body if needed (POST/PUT)
5. Click Send Request
6. View the response in the right panel

Available Endpoints

The playground includes pre-configured endpoints:

Organization

• GET /api/v1/organization — Get organization details
• GET /api/v1/organization/stats — Get statistics

Repositories

• GET /api/v1/repositories — List repositories

Reviews

• GET /api/v1/reviews — List code reviews
• GET /api/v1/reviews/stats — Get review statistics
• POST /api/v1/reviews/trigger — Trigger a new review

Billing

• GET /api/v1/billing/credits — Get credit balance
• GET /api/v1/billing/usage — Get usage statistics

Team

• GET /api/v1/team — List team members

Webhooks

• GET /api/v1/webhooks/events — List available events
• GET /api/v1/webhooks — List subscriptions

cURL Export

The playground generates cURL commands you can copy:

curl -X GET "https://heyjasper.ai/api/v1/organization" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Accept: application/json"

Rate Limits

API requests are rate-limited based on your organization's tier:

Tier	Per Minute	Per Hour
Free	60	1,000
Basic	120	3,000
Standard	300	10,000
Premium	600	30,000
Enterprise	1,200	100,000

Rate Limit Headers

Responses include rate limit information:

X-RateLimit-Limit: 60
X-RateLimit-Remaining: 45
X-RateLimit-Reset: 1234567890
Retry-After: 30

Authentication

Include your token in the Authorization header:

Authorization: Bearer YOUR_API_TOKEN

Security Best Practices

• Use minimal scopes — Only request permissions you need
• Set expiration dates — Rotate tokens regularly
• Store securely — Use environment variables or secret managers
• Never commit tokens — Keep them out of source control
• Monitor usage — Check "last used" timestamps
• Deactivate unused tokens — Remove tokens that are no longer needed

For complete endpoint documentation, see the API Reference.