Skip to main content

Using CTFd's REST API with Site Password

If you want to send API requests to CTFd that has a site password, include the Cookie header in the request with the specified name of the Cookie, site_password and the site password.

"Cookie: site_password=<password>"

For example, to get a list of all users by sending a GET request to the endpoint, https://<subdomain>.ctfd.io/api/v1/configs, using cURL, you would send the following:

$ curl \
--request GET https://<subdomain>.ctfd.io/api/v1/configs \
--header "Authorization: Token a8761fc51f0033dd10a176386f3198c1f75df54c23m0ad3fc36cbd0e8615e79ba" \
--header "Content-type:application/json" -d "{}"
--header "Cookie: site_password=samplepassword"