Skip to content

Applying for API Tokens

Jump to bottom
K.L.I.E edited this page Nov 17, 2025 · 3 revisions

Modrinth

Apply for an API key from Pats and set permissions as shown in the images

Modrinth Pats

Modrinth Pats After clicking Create PAT, click to copy the API Token starting with mrp_, save it and fill it into the ModPublish settings.

Curseforge

For Curseforge, you need to apply for two Tokens: API Token and Studio Token.

Apply for Studio Token from here

Curseforge Studio Token

If the API Token is not displayed after registration, please leave and return to this page after a few minutes. It will be used for dependency validation.

Apply for API Token from here, they are similar to UUIDs. It will be used for file uploads and version creation.

Github

Please apply from Fine-grained personal access tokens and configure permissions as shown in the image.

Github PAT

Token should start with github_pat_.

Gitlab

TODO

Fill in API Tokens and ModID

If you want to use the same API Token across multiple projects, you should fill them in at the following location in IDEA: Settings | Tools | ModPublish: Global Settings

You also need to add ModIDs in Project | Tools | Configure ModPublish for Project. The API Token you fill in here will override the global API Token.

About API Token Security

I cannot completely guarantee its security. What you need to do is not share the following information with others:

  • The workspace.xml file in the project's .idea directory
  • IDEA's global configuration files
  • Any of your API Tokens

Additionally, the API Token will generate an encryption key based on your environment and use this encryption key to process the API Token, encrypting and decrypting it when needed. If hardware information, system information, and JVM change, the old API Token will immediately become invalid and unreadable. Therefore, please open settings to back up or generate new API Tokens before making any changes to prevent operation interruption.

Do not run software from unknown sources, and do not actively calculate encryption keys and share them with others! If you believe your API Tokens have been leaked, please revoke them immediately and regenerate new ones.

If they support fine-grained permission configuration, please do so and do not add extra permissions.

Clone this wiki locally