API reference
Public HTTP API endpoints and typed procedure groups.
The public API is the same typed contract used by the CLI and SDK. The RPC transport lives at:
https://api.repome.sh/api/rpcAn OpenAPI view is also published for HTTP clients:
https://api.repome.sh/api/v1/openapi.json
https://api.repome.sh/api/v1/docsAuthentication
Signed-in requests use an API key:
Authorization: Bearer rpme_...Create one with the CLI:
repome keys create ci --scope repos:read --scope repos:writeAnonymous repo requests use an anonymous identifier:
X-Repome-Anon-Id: <id>The high-level repome.ephemeral() and repome anon commands create and
reuse that identifier for you.
Procedure groups
| Group | Purpose |
|---|---|
health.ping | API health probe |
me.get | Current user, active organization, and membership context |
orgs.* | Create, list, get, and delete organizations |
members.* | List, invite, remove, accept, and update organization members |
repos.* | Create, import, ensure, get, list, update, and delete repos |
git.* | Read refs, commits, trees, blobs, compare/diff, and commit workspace changes |
tokens.* | Mint, list, revoke, and validate repo-scoped git tokens |
keys.* | Create, list, and delete API keys |
anon.* | Create and manage anonymous ephemeral repos and their git reads/writes |
Repos are addressed by bare name everywhere — repos.*, git.*, and
tokens.* inputs carry no org field; the server resolves names against the
caller's active organization. orgs.create takes only an optional name:
the slug is server-minted (an opaque org-… handle). orgs.delete refuses
to delete your last owned org (ORG_LAST_OWNED) or an org that still owns
repos (ORG_HAS_REPOS).
Raw file/blob route
For fetching file bytes directly — downloads, browser viewers, curl — use the
raw byte route instead of the base64-wrapped git.blob.get procedure:
GET /:name/raw/:ref/<path>
HEAD /:name/raw/:ref/<path>:name is the bare repo name, resolved against the session's active
organization. :ref is a single segment — a branch name, HEAD, or a full
commit sha (a short branch name is expanded to refs/heads/<name>). The
response is the raw bytes (no JSON/base64 envelope) with Content-Type: application/octet-stream, Content-Length, ETag (the blob oid),
X-Repome-Blob-Oid, and X-Repome-Blob-Size. HEAD returns the same
headers with no body.
curl -H "Authorization: Bearer rpme_..." \
https://api.repome.sh/site/raw/main/public/logo.png -o logo.pngResponses are bounded at 10 MiB. A larger blob returns 413 Payload Too Large with X-Repome-Blob-Limit (and X-Repome-Blob-Oid / X-Repome-Blob-Size).
Raw read vs. git clone/fetch
- Raw route /
git.blob.get— single files you can name by path, up to the limits above (git.blob.getreturns base64 JSON capped at 1 MiB; the raw route returns bytes up to 10 MiB). Best for previews, downloads, and tooling that already knows the path. git clone/git fetch— whole repositories, history, or any object past the raw limit. Large files always belong on the git-native transport, which streams from Artifacts without materializing the object in one piece.
Low-level SDK client
For TypeScript callers, @repome/sdk exposes the raw typed RPC client:
import { createClient } from '@repome/sdk'
const client = createClient({
baseUrl: 'https://api.repome.sh',
apiKey: process.env.REPOME_API_KEY!,
})
const repos = await client.repos.list({})Use the OpenAPI document when generating non-TypeScript clients.