How to access Tidelift APIs

API overview

Tidelift subscribers have full access to the Tidelift API. Using the Tidelift API subscribers can:

Tidelift’s REST API is rooted at:

Tidelift does not have a anonymous public API; all API endpoints are restricted to Tidelift subscribers.

Full API documentation

Supported REST API endpoints, parameters, and returned items are found in our dedicated API documentation at

Tidelift provides a downloadable API specification that can be used in tools that support importing OpenAPI specifications.

How to use the Tidelift API


Authentication to the Tidelift API is done via API keys, passed as Bearer tokens.

An example header would be:

Authorization: Bearer <key goes here>

Passing data

There are two ways to pass data to the Tidelift API.

  • Query parameters, passed in the URL
    • Example query:
  • Body data, passed as JSON
    • Example data: { “project_name”: “myfancyproject” }

Which data form an API accepts will be documented in the full API documentation.


If you are accessing items in the API such as package names that contain characters such as spaces or slashes ("/"), you will need to url-encode the item to access it properly. For example, if a Go package is named

you would access it in an API call as


Here are examples of using the project creation API, in a number of different ways.

Using curl:

curl -s -H "Accept: application/json" -H "Authorization: Bearer <your token>" \
 -X POST \
 –json ‘{ “project_name”: “overthruster”, “catalog”: “default”, “default_branch”: “main” }’

Using Python:

import json
import requests

API_KEY = "<your token>"

headers = {"Accept": "application/json", "Authorization": f"Bearer {API_KEY}"}

body = {"project_name": "overthruster", "default_branch": "main", "catalog": "default"}

r =

if not r.ok:
print(f"Error: API request returned {r.status_code}")
jsondata = r.json()


Using Ruby

require "uri"
require "json"
require "net/http"

url = URI("<your-team>/projects")

https =, url.port)
https.use_ssl = true

request =
request["Authorization"] = "Bearer <your_token>"
request["Content-Type"] = "application/json"
request.body = JSON.dump({
  "project_name": "my new project",
  "catalog": "default",
  "default_branch": "main"

response = https.request(request)

puts response.read_body

Using Go

package main

import (

func main() {
  url := "<your-team>/projects"
  method := "POST"

  payload := strings.NewReader(`{
    "project_name": "my new project",
    "catalog": "default",
    "default_branch": "main"

  client := &http.Client {

  req, err := http.NewRequest(method, url, payload)
  if err != nil {
  req.Header.Add("Authorization", "Bearer <your_token>")
  req.Header.Add("Content-Type", "application/json")

  res, err := client.Do(req)
  if err != nil {
  defer res.Body.Close()

  body, err := ioutil.ReadAll(res.Body)
  if err != nil {


Using JavaScript

const axios = require('axios');

let data = JSON.stringify({
  "project_name": "my new project",
  "catalog": "default",
  "default_branch": "main"

let config = {
  method: 'post',
maxBodyLength: Infinity,
  url: '<your-team-name>/projects',
  headers: { 
    'Authorization': 'Bearer <your_token>', 
    'Content-Type': 'application/json'
  data : data

.then((response) => {

.catch((error) => {

Using Java

OkHttpClient client = new OkHttpClient().newBuilder()

MediaType mediaType = MediaType.parse("application/json");

RequestBody body = RequestBody.create(mediaType, "{\n    \"project_name\": \"my new project\",\n    \"catalog\": \"default\",\n    \"default_branch\": \"main\"\n}");

Request request = new Request.Builder()
  .method("POST", body)
  .addHeader("Authorization", "Bearer <your-token>")
  .addHeader("Content-Type", "application/json")

Response response = client.newCall(request).execute();

Using other tools

For other tools, Tidelift suggests using the downloadable API specification to assist in accessing the API.

Was this article helpful?
1 out of 1 found this helpful



Article is closed for comments.

Articles in this section

See more