API clients

Bunny has an extensive GraphQL API that enables you to do everything that can be done via the user interface. In order to access the API, you will need to create one or more API clients. We recommend creating different API clients for different purposes, such as marketing website, self-service, CRM integration etc.

It's good practice to narrow down the scope as much as possible in order to limit your security exposure.

See Bunny's developer documentation for more details on how to use the API both directly and via Bunny's SDKs.

Rotating client secret

If you client secret has been compromised or needs to be changed you can select the Renew client secret action.

This will immediately generate a new client secret and display it once on the screen. The previous client secret will be removed and no longer work.

Any access tokens that were generated with the old client secret will continue to work until their token expiry date/time has passed.

Generating an access token

You can use the OAuth2 client credentials grant to generate an access token with a refined set of scopes based on the scopes that were enabled on the api client.

Alternately you can generate an access token via the admin UI by clicking the Generate access token button. This will generate an access token containing all of the scopes that have been enabled for the api client and will expire based on the expiration setting for that client.

Events

To aid with troubleshooting API issues, events are stored for seven days. You can browse them on the events tab and see the detailed payloads and responses.