The API of the Digger Orchestrator is neither stable, nor fully documented. Use at your own risk. For full reference of API endpoints, check out /backend/bootstrap/main.go


Every request you make to the API must include a Bearer token for authorization. You can pass this token in the headers of your HTTP request with the key Authorization and the value Bearer YOUR_TOKEN.

headers = {"Authorization": "Bearer YOUR_TOKEN"}

Replace YOUR_TOKEN with your admin or access token.

Retrieve Policy Rules

  • For a specific project:
GET /repos/:namespace/projects/:projectName/access-policy
  • For an entire organisation:
GET /orgs/:organisation/access-policy

:namespace and :projectName or :organisation should be replaced with actual values that represent your project or organization.

Update Policy Rules

  • For a specific project:
PUT /repos/:namespace/projects/:projectName/access-policy
  • For an entire organisation:
PUT /orgs/:organisation/access-policy

For these requests, your request body should contain a policy document written as an OPA policy with package digger and expected to have the “allow” rule.