Getting started
Create repos from the CLI or API, then use stock Git with corigin remotes.
Getting Started
Install and sign in
Install the CLI and confirm the corigin binary is on your PATH.
npm install -g @corigin/clicorigin --helpThen start browser sign-in.
corigin loginSign up or sign in in the browser, then approve the CLI session.
Create a repo
corigin init
Start in a fresh project directory. corigin init creates the repo, initializes Git when needed, sets origin, and prints the corigin remote URL.
mkdir hello-corigincd hello-corigincorigin init hello-coriginCommit normally, then push with Git.
echo "hello from corigin" > README.mdgit add README.mdgit commit -m "initial commit"git push -u origin maincorigin repos create
Create an empty repo, capture the remote URL, and clone it with Git.
REMOTE_URL=$(corigin repos create hello-corigin)git clone $REMOTE_URLAPI
Backend examples read CORIGIN_API_KEY. Do not pass workspace API keys into sandboxes.
curl -sS https://api.corigin.dev/v1/repos \ -H "Authorization: Bearer $CORIGIN_API_KEY" \ -H "Content-Type: application/json" \ -d '{"name":"agent-run"}'Store the returned id and remote_url.
Clone with Git
git clone corigin://<repo_id>Sandbox scoped repo access
Clone inside a sandbox
Create CORIGIN_TOKEN
Create the token from your backend with a workspace API key. The API returns token and expires_at; pass only token to the sandbox.
curl -sS https://api.corigin.dev/v1/repos/token \ -H "Authorization: Bearer $CORIGIN_API_KEY" \ -H "Content-Type: application/json" \ -d '{"repo_id":"<repo_id>","access":"write","ttl_seconds":3600}'Use read when the sandbox only clones or fetches. Use write when it needs to push; write tokens also satisfy clone and fetch.
Clone with CORIGIN_TOKEN
Pass the repo token to the sandbox as CORIGIN_TOKEN. The repo id stays in the corigin remote URL; no separate repo-id environment variable is needed.
CORIGIN_TOKEN=<repo_token> git clone corigin://<repo_id> appAPI docs
Repo API reference
Corigin API
Workspace repo API.
GET/v1/reposList repos
Parameters
This request does not use path parameters.
Request body
This request does not include a JSON body.
Returns
200Repos visible to the workspace API key
Response object
reposarray<Repo>required
Errors
401Missing or invalid credential
403Credential is valid but not authorized
POST/v1/reposCreate a repo
Creates a repo in the workspace and returns its corigin remote URL. New repos start empty. Repo names are metadata and may repeat.
Parameters
This request does not use path parameters.
Request body (application/json)
nameRepoNamerequired
Returns
201Repo created
Response object
idRepoIdrequired
nameRepoNamerequired
remote_urlRemoteUrlrequired
Server-produced Git remote URL for the repo.
created_atTimestamprequired
Errors
400Invalid request
401Missing or invalid credential
403Credential is valid but not authorized
409Request conflicts with current workspace state
DELETE/v1/repos/{id}Delete a repo
Deletes the repo from future workspace listings and prevents new repo tokens from being issued. Existing repo tokens remain valid until expiry.
Parameters
idRepoIdrequired
Request body
This request does not include a JSON body.
Returns
204Repo deleted
Response object
This response does not define object fields.
Errors
401Missing or invalid credential
403Credential is valid but not authorized
404Resource not found
POST/v1/repos/tokenCreate a repo-scoped token
Issues a short-lived token for Git access to one repo. Deleted repos, revoked API keys, and removed workspace access prevent new tokens from being issued.
Parameters
This request does not use path parameters.
Request body (application/json)
repo_idRepoIdrequired
accessRepoTokenAccessrequired
ttl_secondsinteger (default 60, min 60, max 43200)
Token lifetime in seconds.
Returns
201Repo token created
Response object
tokenstringrequired
expires_atTimestamprequired
Errors
400Invalid request
401Missing or invalid credential
403Credential is valid but not authorized
404Resource not found
Objects
Repo
idRepoIdrequired
nameRepoNamerequired
remote_urlRemoteUrlrequired
Server-produced Git remote URL for the repo.
created_atTimestamprequired
ListReposResponse
reposarray<Repo>required
CreateRepoRequest
nameRepoNamerequired
CreateRepoTokenRequest
repo_idRepoIdrequired
accessRepoTokenAccessrequired
ttl_secondsinteger (default 60, min 60, max 43200)
Token lifetime in seconds.
CreateRepoTokenResponse
tokenstringrequired
expires_atTimestamprequired
Error
code"BadRequest" | "missing_authorization" | "invalid_api_key" | "repo_not_found" | "repo_deleted" | "active_repo_limit_exceeded" | "workspace_suspended"required
messagestringrequired
OpenAPI YAML
openapi: 3.1.0
info:
title: Corigin API
version: 0.1.0
summary: Workspace repo API.
description: |
HTTP API for managing repos and creating short-lived repo tokens.
servers:
- url: https://api.corigin.dev
tags:
- name: Health
- name: Repos
- name: Repo Tokens
paths:
/v1/repos:
get:
operationId: listRepos
tags:
- Repos
summary: List repos
security:
- WorkspaceApiKey: []
responses:
"200":
description: Repos visible to the workspace API key
content:
application/json:
schema:
$ref: "#/components/schemas/ListReposResponse"
"401":
$ref: "#/components/responses/Unauthorized"
"403":
$ref: "#/components/responses/Forbidden"
post:
operationId: createRepo
tags:
- Repos
summary: Create a repo
description: |
Creates a repo in the workspace and returns its corigin remote URL. New
repos start empty. Repo names are metadata and may repeat.
security:
- WorkspaceApiKey: []
requestBody:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/CreateRepoRequest"
responses:
"201":
description: Repo created
content:
application/json:
schema:
$ref: "#/components/schemas/Repo"
"400":
$ref: "#/components/responses/BadRequest"
"401":
$ref: "#/components/responses/Unauthorized"
"403":
$ref: "#/components/responses/Forbidden"
"409":
$ref: "#/components/responses/Conflict"
/v1/repos/{id}:
delete:
operationId: deleteRepo
tags:
- Repos
summary: Delete a repo
description: >
Deletes the repo from future workspace listings and prevents new repo
tokens from being issued. Existing repo tokens remain valid until
expiry.
security:
- WorkspaceApiKey: []
parameters:
- $ref: "#/components/parameters/RepoId"
responses:
"204":
description: Repo deleted
"401":
$ref: "#/components/responses/Unauthorized"
"403":
$ref: "#/components/responses/Forbidden"
"404":
$ref: "#/components/responses/NotFound"
/v1/repos/token:
post:
operationId: createRepoToken
tags:
- Repo Tokens
summary: Create a repo-scoped token
description: |
Issues a short-lived token for Git access to one repo. Deleted repos,
revoked API keys, and removed workspace access prevent new tokens from
being issued.
security:
- WorkspaceApiKey: []
requestBody:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/CreateRepoTokenRequest"
responses:
"201":
description: Repo token created
content:
application/json:
schema:
$ref: "#/components/schemas/CreateRepoTokenResponse"
"400":
$ref: "#/components/responses/BadRequest"
"401":
$ref: "#/components/responses/Unauthorized"
"403":
$ref: "#/components/responses/Forbidden"
"404":
$ref: "#/components/responses/NotFound"
components:
securitySchemes:
WorkspaceApiKey:
type: http
scheme: bearer
bearerFormat: workspace_api_key
description: Revocable workspace API key.
parameters:
RepoId:
name: id
in: path
required: true
schema:
$ref: "#/components/schemas/RepoId"
responses:
BadRequest:
description: Invalid request
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
Unauthorized:
description: Missing or invalid credential
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
Forbidden:
description: Credential is valid but not authorized
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
NotFound:
description: Resource not found
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
Conflict:
description: Request conflicts with current workspace state
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
schemas:
RepoId:
type: string
format: uuid
Timestamp:
type: string
format: date-time
RepoName:
type: string
minLength: 1
maxLength: 128
RemoteUrl:
type: string
description: Server-produced Git remote URL for the repo.
pattern: ^corigin://[0-9a-f-]{36}$
example: corigin://018f2f76-9a7b-7c2d-8a7e-0e36f7c8d002
Repo:
type: object
additionalProperties: false
required:
- id
- name
- remote_url
- created_at
properties:
id:
$ref: "#/components/schemas/RepoId"
name:
$ref: "#/components/schemas/RepoName"
remote_url:
$ref: "#/components/schemas/RemoteUrl"
created_at:
$ref: "#/components/schemas/Timestamp"
ListReposResponse:
type: object
additionalProperties: false
required:
- repos
properties:
repos:
type: array
items:
$ref: "#/components/schemas/Repo"
CreateRepoRequest:
type: object
additionalProperties: false
required:
- name
properties:
name:
$ref: "#/components/schemas/RepoName"
RepoTokenAccess:
type: string
enum:
- read
- write
CreateRepoTokenRequest:
type: object
additionalProperties: false
required:
- repo_id
- access
properties:
repo_id:
$ref: "#/components/schemas/RepoId"
access:
$ref: "#/components/schemas/RepoTokenAccess"
ttl_seconds:
type: integer
minimum: 60
maximum: 43200
default: 60
description: Token lifetime in seconds.
CreateRepoTokenResponse:
type: object
additionalProperties: false
required:
- token
- expires_at
properties:
token:
type: string
expires_at:
$ref: "#/components/schemas/Timestamp"
Error:
type: object
additionalProperties: false
required:
- code
- message
properties:
code:
type: string
enum:
- BadRequest
- missing_authorization
- invalid_api_key
- repo_not_found
- repo_deleted
- active_repo_limit_exceeded
- workspace_suspended
message:
type: string