GoRules APIs support two authentication methods depending on the token type:
| Token Type | Header |
|---|
| Personal Access Token | Authorization: Bearer <token> |
| Evaluation Token | X-Access-Token: <token> |
Personal Access Tokens
Personal Access Tokens (PAT) authenticate requests to the BRMS API with your user identity. Use PATs for:
- Managing projects, documents, and releases
- Administrative operations
- CI/CD pipelines that need full API access
Creating a PAT
- Navigate to your Profile in the BRMS
- Find the Personal access token section
- Click Generate token
- Configure the token:
- Note: A description to identify the token’s purpose
- Expiry: Token lifetime (Month, Quarter, Year, or custom)
- All projects: Toggle to grant access to all projects or select specific ones
- Permissions: Select the required permissions
PAT Permissions
| Permission | Description |
|---|
| Project Manage | Members, groups, tokens, approvers, configuration |
| Documents | Access to decision documents (Projects v1) |
| Branches | Access to branches (Projects v2) |
| Integrations manage | Manage integrations (deprecated) |
| Releases | Create and manage releases |
| Environments | Configure and deploy to environments |
Store your PAT securely. It provides access to your BRMS resources based on the permissions granted.
Evaluation Tokens
Evaluation tokens authenticate requests to evaluate decisions. They are scoped to a specific project and used for:
- Evaluating decisions via BRMS API
- Authenticating with the Agent service
- Production workloads
Creating an Evaluation Token
- Open your project in the BRMS
- Go to Settings > Access Tokens
- Click Generate token
- Give the token a name
Using Evaluation Tokens
Evaluation tokens work with both the BRMS evaluation endpoints and the Agent service:
curl -X POST https://your-brms.example.com/api/projects/{project}/evaluate/{key} \
-H "X-Access-Token: <evaluation-token>" \
-H "Content-Type: application/json" \
-d '{"context": {"input": "value"}}'
Evaluation tokens are contained within releases. When you deploy a release to the Agent, the token is used to authenticate evaluation requests.
Token Comparison
| Feature | Personal Access Token | Evaluation Token |
|---|
| Created in | Profile | Project Settings |
| Scope | User-level | Project-level |
| BRMS management API | Yes | No |
| BRMS evaluation API | Yes | Yes |
| Agent API | No | Yes |
| Configurable permissions | Yes | No (evaluation only) |
