{"id":15673165,"url":"https://github.com/ikalnytskyi/httpie-auth-store","last_synced_at":"2026-03-09T23:03:05.509Z","repository":{"id":36356507,"uuid":"222537342","full_name":"ikalnytskyi/httpie-auth-store","owner":"ikalnytskyi","description":"Credential store plugin for HTTPie, attaches auth to ongoing request.","archived":false,"fork":false,"pushed_at":"2024-06-20T21:23:09.000Z","size":130,"stargazers_count":16,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-10-30T15:50:51.940Z","etag":null,"topics":["api","cli","credential-storage","curl","developer-tools","http","httpie","rest"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ikalnytskyi.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"ko_fi":"ikalnytskyi","custom":"https://send.monobank.ua/2GWDRDwGZ8"}},"created_at":"2019-11-18T20:22:40.000Z","updated_at":"2025-10-06T09:05:38.000Z","dependencies_parsed_at":"2024-06-20T23:12:45.040Z","dependency_job_id":null,"html_url":"https://github.com/ikalnytskyi/httpie-auth-store","commit_stats":{"total_commits":16,"total_committers":1,"mean_commits":16.0,"dds":0.0,"last_synced_commit":"6cfe12b3030e2fdc651605287c5fd7e30fa172f0"},"previous_names":["ikalnytskyi/httpie-auth-store","ikalnytskyi/httpie-credential-store"],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/ikalnytskyi/httpie-auth-store","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ikalnytskyi%2Fhttpie-auth-store","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ikalnytskyi%2Fhttpie-auth-store/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ikalnytskyi%2Fhttpie-auth-store/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ikalnytskyi%2Fhttpie-auth-store/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ikalnytskyi","download_url":"https://codeload.github.com/ikalnytskyi/httpie-auth-store/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ikalnytskyi%2Fhttpie-auth-store/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30315982,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-09T20:05:46.299Z","status":"ssl_error","status_checked_at":"2026-03-09T19:57:04.425Z","response_time":61,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","cli","credential-storage","curl","developer-tools","http","httpie","rest"],"created_at":"2024-10-03T15:38:02.363Z","updated_at":"2026-03-09T23:03:05.467Z","avatar_url":"https://github.com/ikalnytskyi.png","language":"Python","funding_links":["https://ko-fi.com/ikalnytskyi","https://send.monobank.ua/2GWDRDwGZ8"],"categories":[],"sub_categories":[],"readme":"# HTTPie Auth Store\n\n\u003e [!NOTE]\n\u003e\n\u003e The plugin was renamed from `httpie-credential-store` to `httpie-auth-store`\n\u003e primarily due to backward incompatible changes and because the new name\n\u003e better reflects its nature.\n\nHTTPie Auth Store is an [HTTPie] authentication plugin that automatically\nselects the appropriate authentication type and payload from a file containing\nauthentication bindings, then uses them for the current request. No more\nmemorizing or searching for tokens, usernames, or passwords — simply add them\nto the authentication store, and the plugin handles the rest. This plugin also\nsupports various secret storage options, such as system keychains and password\nmanagers (see supported [Secret providers]).\n\nEager to get started? Just start with installing!\n\n```sh\nhttpie cli plugins install httpie-auth-store\n```\n\nor via `pip` in the same python environment where HTTPie is installed:\n\n```sh\npython3 -m pip install httpie-auth-store\n```\n\n\n## Table of Content\n\n* [Usage](#usage)\n* [Authentication types](#authentication-types)\n  * [basic](#basic)\n  * [digest](#digest)\n  * [bearer](#bearer)\n  * [header](#header)\n  * [composite](#composite)\n  * [hmac](#hmac)\n* [Secret providers](#secret-providers)\n  * [sh](#sh)\n  * [system](#system)\n  * [password-store](#password-store)\n* [FAQ](#faq)\n\n\n## Usage\n\n\u003e [!IMPORTANT]\n\u003e\n\u003e Do not forget to pass `-A store` or `--auth-type store` to HTTPie in order to\n\u003e activate the plugin.\n\nOnce installed, the plugin looks for `auth_store.json` located in the HTTPie\nconfiguration directory. On macOS and Linux, it tries the following locations:\n`$HTTPIE_CONFIG_DIR/auth_store.json`, `$HOME/.httpie/auth_store.json` and\n`$XDG_CONFIG_HOME/httpie/auth_store.json`; on Windows —\n`%HTTPIE_CONFIG_DIR%\\auth_store.json` and `%APPDATA%\\httpie\\auth_store.json`\n\n\u003e [!NOTE]\n\u003e\n\u003e The authentication store can be automatically created with few examples on\n\u003e first plugin activation, e.g. `http -A store https://pie.dev/bearer`.\n\nThe authentication store is a JSON file that contains two sections: `bindings`\nand `secrets`:\n\n```json\n{\n  \"bindings\": [\n    {\n      \"auth_type\": \"bearer\",\n      \"auth\": \"$GITHUB_TOKEN\",\n      \"resources\": [\"https://api.github.com/\"]\n    },\n    {\n      \"id\": \"bots\",\n      \"auth_type\": \"bearer\",\n      \"auth\": \"ZWFzdGVyIGVnZwo\",\n      \"resources\": [\"https://api.github.com/\"]\n    },\n  ],\n  \"secrets\": {\n    \"GITHUB_TOKEN\": {\n      \"provider\": \"system\",\n      \"service\": \"github.com\",\n      \"username\": \"ikalnytskyi\"\n    }\n  }\n}\n```\n\nEach _binding_ is a JSON object that contains the following keys:\n\n* `id` (*str*, *optional*) is an authentication binding ID that can be used to\n  overcome ambiguity when two or more bindings are matched.\n\n* `auth_type` (*str*, *required*) is an authentication type supported by HTTPie,\n  either natively or via third-party plugins. See [Authentication types] for\n  details.\n\n* `auth` (*str*, *optional*) is an authentication payload for the given\n  authentication type. Required for certain authentication types, optional for\n  others. Tokens started with `$` are replaced with secrets referred by those\n  tokens. The `$` sign must be escaped (`$$`) to remain untouched.\n\n* `resources` (*List\\[str\\]*, *required*) is an array of URLs to activate this\n  binding for. Must contain both scheme and hostname.\n\nEach _secret_ is a KV-pair, where key is a secret name, and value is either a\nsecret itself or a JSON object that specified how a secret must be retrieved\nfrom secure storage. The JSON object must contain the `provider` key. Presence\nof other keys are provider dependent (see [Secret providers] section below).\n\nOnce the authenticate store is set up, just pass `-A store` to HTTPie to\nactivate the plugin and perform some magic for you.\n\n```sh\nhttp -A store https://api.github.com\n```\n\nIf there are two or more authentication bingind in the store that match the\nsame resource, you can select appropriate binding by providing a binding ID by\npassing `-a` or `--auth` to HTTPie. This might come handy when you have\nmultiple accounts on the same web resource.\n\n```sh\nhttp -A store -a bots https://api.github.com\n```\n\n\n## Authentication types\n\nHTTPie Auth Store supports both built-in and third-party HTTPie authentication\ntypes as well as provides few authentication types on its own.\n\n\u003e [!TIP]\n\u003e\n\u003e It's advised to store your secrets in password managers instead of storing\n\u003e them directly in the authentication store file.\n\n### basic\n\nThe 'Basic' HTTP authentication type as defined in RFC 7617. Transmits\ncredentials as username/password pairs, encoded using Base64.\n\n```json\n{\n  \"auth_type\": \"basic\",\n  \"auth\": \"ihor:p@ss\"\n}\n```\n\nwhere\n\n* `auth` is a `:`-delimited username/password pair\n\n### digest\n\nThe 'Digest' HTTP authentication type as defined in RFC 2617. It applies a hash\nfunction to the username and password before sending them over the network.\n\n\n```json\n{\n  \"auth_type\": \"digest\",\n  \"auth\": \"ihor:p@ss\"\n}\n```\n\nwhere\n\n* `auth` is a `:`-delimited username/password pair\n\n### bearer\n\nThe 'Bearer' HTTP authentication type transmits token in the `Authorization`\nHTTP header.\n\n```json\n{\n  \"auth_type\": \"bearer\",\n  \"auth\": \"t0ken\"\n}\n```\n\nwhere\n\n* `auth` is a bearer token to authenticate with\n\n### header\n\nThe 'Header' authentication type is not exactly an authentication scheme. It's\nrather a way to set a free-formed HTTP header that may or may not contain any\nsecret material.\n\n```json\n{\n  \"auth_type\": \"header\",\n  \"auth\": \"X-Secret:s3cret\"\n}\n```\n\nwhere\n\n* `auth` is a `:`-delimited HTTP header name/value pair\n\nThe 'Header' authentication type can be used to bypass any kind of limitations\nimposed by built-in or third-party authentication types. For instance, you can\npass a bearer token with non-default authentication scheme, say `JWT`, without\nbreaking a sweat.\n\n```json\n{\n  \"auth_type\": \"header\",\n  \"auth\": \"Authorization:JWT t0ken\"\n}\n```\n\n### composite\n\nThe 'Composite' authentication type is a not an authentication type either.\nIt's a way to use multiple authentication types simultaneously. It might come\nhandy when in addition to `basic` or `bearer` authentication, you have to\nsupply an extra secret via custom HTTP header.\n\n```json\n{\n  \"auth_type\": \"composite\",\n  \"auth\": [\n    {\n      \"auth_type\": \"bearer\",\n      \"auth\": \"t0ken\"\n    },\n    {\n      \"auth_type\": \"header\",\n      \"auth\": \"X-Secret:s3cret\"\n    }\n  ]\n}\n```\n\nwhere\n\n* `auth` is a list of authentication entries, as supported by HTTPie\n\n### hmac\n\nThe 'HMAC' authentication type is not built-in and requires the `httpie-hmac`\nplugin to be installed first. Its only purpose here is to serve as an example\nof how to use a third-party authentication type in the authentication store.\n\n```json\n{\n \"auth_type\": \"hmac\",\n \"auth\": \"secret:czNjcjN0Cg==\"\n}\n```\n\nwhere\n\n* `auth` is a HMAC specific authentication payload\n\n\n## Secret providers\n\nThe plugin supports some secret providers that can be used to retrieve tokens,\npasswords and other secret materials from various secured storages.\n\n### sh\n\nThe 'Sh' secret provider retrieves a secret from the standard output of the\nshell script. This is a universal approach that can be used to retrieve secrets\nfrom unsupported password managers using their command line interfaces.\n\n```json\n{\n  \"provider\": \"sh\",\n  \"script\": \"cat ~/path/to/secret | tr -d '\\n'\"\n}\n```\n\nwhere\n\n* `script` is a shell script to execute\n\n### system\n\nThe 'System' secret provider, as the name suggests, retrieves a secret from\nyour system keychain. It may be KWallet, GNOME Keyring, macOS Keychain or even\nWindows Credential Locker.\n\n```json\n{\n  \"provider\": \"system\",\n  \"service\": \"github\",\n  \"username\": \"ikalnytskyi\"\n}\n```\n\nwhere\n\n* `service` is a service to retrieve a secret from\n* `username` is a username to retrieve a secret from\n\n### password-store\n\nThe 'Password Store' secret provider invokes the `pass` executable on your\nsystem, and retrieves the secret from the first line of referred record.\n\n```json\n{\n  \"provider\": \"password-store\",\n  \"name\": \"github.com/ikalnytskyi\"\n}\n```\n\nwhere\n\n* `name` is a password-store entry name to retrieve a secret from\n\n## FAQ\n\n* **Q**: How to get know what authentication is used for the given request?\n\n  **A**: You can run HTTPie with `--offline` argument to print the request\n  header along with injected authentication credentials.\n\n\n[HTTPie]: https://httpie.org/\n[Authentication types]: #authentication-types\n[Secret providers]: #secret-providers\n[password-store]: https://www.passwordstore.org/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fikalnytskyi%2Fhttpie-auth-store","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fikalnytskyi%2Fhttpie-auth-store","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fikalnytskyi%2Fhttpie-auth-store/lists"}