Authentication Methods Copr API v3 supports two authentication methods:
API Token (recommended for programmatic access)GSSAPI/Kerberos (for Fedora infrastructure integration)
API Token Authentication Generating Your API Token To use the Copr API, you need to generate an API token:
Set up a FAS account at https://accounts.fedoraproject.org
Log in to Copr at https://copr.fedorainfracloud.org
Visit https://copr.fedorainfracloud.org/api/
Copy the generated authentication token
Storing Your API Token The recommended way to store your API token is in the ~/.config/copr configuration file:
[copr-cli] login = your_api_login_here username = your_username token = your_api_token_here copr_url = https://copr.fedorainfracloud.org
This file should have restrictive permissions:
Using API Token in Requests API tokens use HTTP Basic Authentication. The token must be Base64-encoded in the format api_login:api_token and included in the Authorization header.
curl
Python
Python (copr library)
# Method 1: Using curl's built-in Basic Auth curl -X GET \ --user "your_api_login:your_api_token" \ https://copr.fedorainfracloud.org/api_3/project/list?ownername=@copr # Method 2: Manual Authorization header curl -X GET \ -H "Authorization: Basic $( echo -n 'your_api_login:your_api_token' | base64 )" \ https://copr.fedorainfracloud.org/api_3/project/list?ownername=@copr
Checking Authentication Verify your authentication is working:
curl -X GET \ --user "your_api_login:your_api_token" \ https://copr.fedorainfracloud.org/api_3/auth-check
Success response:
{ "admin" : false , "id" : 1234 , "name" : "your_username" , "username" : "your_username" }
Regenerating API Token You can programmatically generate a new API token:
curl -X POST \ --user "your_current_api_login:your_current_api_token" \ https://copr.fedorainfracloud.org/api_3/api-token
Response:
{ "api_login" : "new_api_login_value" , "api_token" : "new_api_token_value" }
After regenerating your token, update your ~/.config/copr file with the new credentials. Your old token will no longer work.
Token Expiration API tokens expire automatically after 6 months. When your token expires:
API requests will return a 401 Unauthorized error
The error message will indicate: “Login invalid/expired. Please visit https://copr.fedorainfracloud.org/api to get or renew your API token.”
You must log in to the web interface and generate a new token
GSSAPI/Kerberos Authentication For users with valid Kerberos credentials in the Fedora infrastructure, you can authenticate using GSSAPI:
# Obtain Kerberos ticket kinit [email protected] # Use with curl (requires curl-gssapi) curl --negotiate -u : \ https://copr.fedorainfracloud.org/api_3/gssapi_login
This method is primarily used for internal Fedora infrastructure integration.
Authentication Errors Invalid or Expired Token { "output" : "notok" , "error" : "Login invalid/expired. Please visit https://copr.fedorainfracloud.org/api to get or renew your API token." }
Solution : Generate a new API token from the web interface.Missing Authentication Attempting to access protected endpoints without authentication:
{ "output" : "notok" , "error" : "Login invalid/expired. Please visit https://copr.fedorainfracloud.org/api to get or renew your API token." }
Solution : Include your API credentials in the request.Insufficient Permissions { "output" : "notok" , "error" : "User 'username' can not see permissions for project '@owner/project' (missing admin rights)" }
Solution : Request appropriate permissions from the project owner, or use a different account.Security Best Practices Keep your API token secure:
Never commit API tokens to version control
Use environment variables or secure configuration files
Set restrictive file permissions (600) on configuration files
Rotate tokens periodically
Use separate tokens for different applications or CI/CD systems
Using Environment Variables # Set environment variables export COPR_API_LOGIN = "your_api_login" export COPR_API_TOKEN = "your_api_token" # Use in curl curl -X GET \ --user " $COPR_API_LOGIN : $COPR_API_TOKEN " \ https://copr.fedorainfracloud.org/api_3/auth-check
import os import requests from requests.auth import HTTPBasicAuth api_login = os.environ[ "COPR_API_LOGIN" ] api_token = os.environ[ "COPR_API_TOKEN" ] response = requests.get( "https://copr.fedorainfracloud.org/api_3/auth-check" , auth = HTTPBasicAuth(api_login, api_token) )
Next Steps Now that you’re authenticated, you can:
Create projects
Submit builds
Manage packages
Configure webhooks
Explore the interactive API documentation to see all available endpoints.