forgejo-api.tionis.dev
Forgejo API CORS proxy
A browser-safe facade for selected Forgejo API endpoints. Static apps use this origin for OAuth token exchange and API calls while the main Forgejo UI stays on forge.tionis.dev.
Use These URLs
- OAuth authorize
- https://forge.tionis.dev/login/oauth/authorize
- OAuth token exchange
https://forgejo-api.tionis.dev/login/oauth/access_token- API base
https://forgejo-api.tionis.dev/api/v1/- OpenAPI spec
- https://forge.tionis.dev/swagger.v1.json
- Swagger UI
- https://forge.tionis.dev/api/swagger
Browser Flow
- Redirect the user to Forgejo on
https://forge.tionis.dev/login/oauth/authorize. - Receive the authorization code at the static app redirect URI.
- Exchange the code at
https://forgejo-api.tionis.dev/login/oauth/access_token. - Call
https://forgejo-api.tionis.dev/api/v1/...withAuthorization: Bearer <token>.
Proxy Contract
- Only
/login/oauth/access_tokenand/api/v1/*are proxied. - CORS allows any origin for bearer-token API access.
- Cookies are stripped in both directions; use OAuth bearer tokens, not browser cookies.
- Preflight requests to proxied paths return
204 No Content.
Quick API Check
curl -i https://forgejo-api.tionis.dev/api/v1/version \
-H 'Origin: https://example.net'