Docs · Integration Kit

Integrate your brain anywhere

Your RepoOps Portable Personal Brain is not locked in the dashboard. Mint a scoped, revocable read token and any external property (a marketing site like salesascode.com, a Google Sheet, a CRM widget, a bot) becomes a thin client that reads a slice of the brain you own. The server side already exists and is security-reviewed; this kit is the copy-paste client over it.

The one endpoint the kit uses

GET /api/me/brain/context is the only endpoint that accepts a capability read token. It returns the cited slices of your owned brain. Each hit carries the source filePath and a snippet:

GET https://www.repoops.ai/api/me/brain/context?q=<question>
Authorization: Bearer <YOUR_READ_TOKEN>

→ 200 {
  "query": "...",
  "total": 3,
  "shown": 3,
  "hits": [
    { "filePath": "projects/pricing.md", "kind": "project",
      "rank": 0.19, "snippet": "we set the Team tier at ..." }
  ]
}

It returns cited matches, not a synthesized prose answer. The reasoning endpoint (POST /api/me/brain/ask) is owner-authenticated (your browser session or a CLI token), never the external read token, so it is deliberately not part of this kit. A read token reads; it can never write, and it can never reason on the server with a stronger model on your behalf.

Mint a scoped read token

In the dashboard, open My Brain → Personal read tokens. Give the token a label, a minimal scope (a kinds allowlist and/or path-prefixes, for example kind:projects,preferences), and a finite TTL. The raw token is shown onceon mint (it is stored only as a hash), so copy it straight into your integration’s secret store.

REST / JS snippet

A minimal fetch() client (Node 18+ or a browser via your own backend proxy). The full file lives in the repo at docs/integration-kit/snippet.js:

const BASE_URL = "https://www.repoops.ai";
// Load the token from a SERVER-SIDE env var. Never hardcode or commit it.
const READ_TOKEN = process.env.REPOOPS_READ_TOKEN;

async function askMyBrain(question) {
  const url = new URL("/api/me/brain/context", BASE_URL);
  url.searchParams.set("q", question); // query in the URL...
  const res = await fetch(url, {
    headers: {
      // ...but the TOKEN goes in the header, never the URL.
      Authorization: `Bearer ${READ_TOKEN}`,
      Accept: "application/json",
    },
  });
  if (res.status === 401) throw new Error("token invalid / expired / revoked");
  if (res.status === 429) throw new Error("per-token daily read cap exceeded");
  if (!res.ok) throw new Error(`HTTP ${res.status}`);
  return res.json(); // { query, total, shown, hits: [{ filePath, kind, snippet }] }
}

curl

export REPOOPS_READ_TOKEN='<YOUR_READ_TOKEN>'   # from your secret store

curl -sS -G "https://www.repoops.ai/api/me/brain/context" \
  -H "Authorization: Bearer $REPOOPS_READ_TOKEN" \
  -H "Accept: application/json" \
  --data-urlencode "q=what did I decide about pricing?"

-G plus --data-urlencode puts the query in the query string safely; the token stays in the -H header. The full script is at docs/integration-kit/snippet-curl.sh.

Google Sheets (Apps Script)

Paste docs/integration-kit/apps-script/Code.gs into Extensions → Apps Script, then add your token as a Script Property named REPOOPS_READ_TOKEN (Project Settings → Script Properties). The token lives there, never in the script source. Then in any cell:

=REPOOPS_ASK("what did I decide about pricing?")
=REPOOPS_ASK("onboarding notes", 5)

The custom function reads the token from Script Properties, calls /api/me/brain/context with the Bearer header, and returns the cited snippets into the cell. Full setup steps are in docs/integration-kit/apps-script/README.md.

Token best practices

Client code that ships to a browser cannot hold a secret. If a public page needs brain data, proxy the call through your own backend (which holds the token) rather than embedding the token in the page.

The guarantees behind the token

Portable Personal Brain