How I can use an document json with have link protected?

[OlivlfilipeOliveira]

I would like to know if I can use a protected link to the json document? For example, a json file that is in gitlab.

[jNullj]

I'd be happy to assist you. Could you please provide some additional details to help us better understand your requirements?

1. Are you trying to use Shields.io for serving badges, or are you using your own instance?
2. What type of badge are you attempting to create? Is it an existing GitLab badge or a dynamic badge?
3. Could you clarify the JSON file you are trying to read? Is it hosted on GitLab or a GitLab instance?
4. How is the JSON file protected, and what authentication method is required to access it (e.g., API key, OAuth)?

With these details, we can provide a more accurate solution for your use case.

[OlivlfilipeOliveira]

1 - initially I want to understand how I could carry out this task, regardless of whether it is on Shields.io or in my own instance. But I believe that in this case it would be important to focus on the own instance scenario.

2 - Dynamic badge.

3 - The JSON will be hosted in a Gitlab instance. Here is an example of what this json will look like: https://pastebin.com/raw/1VLxKpxZ

4 - The method to access the API key would be.

[jNullj]

I don't think we currently have a way of using auth for dynamic badges. If the content of the file are not sensitive and you have sufficient control over the gitlab instance you might be able to make the file accessible to shields.io or you might be able to increase privacy by only making it accessible to your instance of shields.

[chris48s]

The dynamic badges just call a URL.
This is the same for both shields.io and self-hosted instances.

This means that if you can pass the auth as part of the URL e.g:

• HTTP Basic Auth: https://user:[email protected]/document.json
• Query String: https://example.com/document.json?api_key=abc123

You could request a document that requires auth. Although that does require exposing the credentials to anyone who can see your README in plain text (and also to us, if you use shields.io) so you might not want to do that for obvious reasons.

There's no mechanism to pass auth in other ways (e.g: in a header) for the dynamic badges, even if you host your own instance.

[OlivlfilipeOliveira]

Thanks, @chris48s and @jNullj !

[calebcartwright]

The Custom Endpoint badge might be an alternative option to the dynamic json badge; your custom endpoint can contain the relevant auth, make the call to gitlab with the auth, and then the custom endpoint can be accessed anonymously by shields.io/self-hosted shields server